VYPR
Vendor

Tmall Demo

Products
3
CVEs
11
Across products
12
Status
Private

Products

3

Recent CVEs

11
  • CVE-2024-40554HigJul 15, 2024
    risk 0.49cvss 7.5epss 0.00

    An access control issue in Tmall_demo v2024.07.03 allows attackers to obtain sensitive information.

  • CVE-2024-40560HigJul 15, 2024
    risk 0.47cvss 7.3epss 0.00

    Tmall_demo before v2024.07.03 was discovered to contain a SQL injection vulnerability.

  • CVE-2024-40555MedJul 15, 2024
    risk 0.34cvss 5.3epss 0.00

    Tmall_demo v2024.07.03 was discovered to contain an arbitrary file upload vulnerability.

  • CVE-2024-40553MedJul 15, 2024
    risk 0.32cvss 4.9epss 0.00

    Tmall_demo v2024.07.03 was discovered to contain an arbitrary file upload via the component uploadUserHeadImage.

  • CVE-2025-5131MedMay 24, 2025
    risk 0.31cvss 4.7epss 0.00

    A vulnerability was found in Tmall Demo up to 20250505. It has been declared as critical. This vulnerability affects the function uploadCategoryImage of the file tmall/admin/uploadCategoryImage. The manipulation of the argument File leads to unrestricted upload. The attack can…

  • CVE-2025-5130MedMay 24, 2025
    risk 0.31cvss 4.7epss 0.00

    A vulnerability was found in Tmall Demo up to 20250505. It has been classified as critical. This affects the function uploadProductImage of the file tmall/admin/uploadProductImage. The manipulation of the argument File leads to unrestricted upload. It is possible to initiate the…

  • CVE-2025-5133MedMay 24, 2025
    risk 0.28cvss 4.3epss 0.00

    A vulnerability classified as problematic has been found in Tmall Demo up to 20250505. Affected is an unknown function of the component Search Box. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the…

  • CVE-2025-5132MedMay 24, 2025
    risk 0.28cvss 4.3epss 0.00

    A vulnerability was found in Tmall Demo up to 20250505. It has been rated as problematic. This issue affects some unknown processing of the file tmall/admin/account/logout. The manipulation leads to cross-site request forgery. The attack may be initiated remotely. The exploit…

  • CVE-2025-5136LowMay 25, 2025
    risk 0.24cvss 3.7epss 0.00

    A vulnerability, which was classified as problematic, was found in Tmall Demo up to 20250505. This affects an unknown part of the file /tmall/order/pay/ of the component Payment Identifier Handler. The manipulation leads to insufficiently random values. It is possible to…

  • CVE-2025-5134LowMay 24, 2025
    risk 0.23cvss 3.5epss 0.00

    A vulnerability classified as problematic was found in Tmall Demo up to 20250505. Affected by this vulnerability is an unknown functionality of the component Buy Item Page. The manipulation of the argument Detailed Address leads to cross site scripting. The attack can be…

  • CVE-2025-5135LowMay 24, 2025
    risk 0.16cvss 2.4epss 0.00

    A vulnerability, which was classified as problematic, has been found in Tmall Demo up to 20250505. Affected by this issue is some unknown functionality of the file /tmall/admin/ of the component Product Details Page. The manipulation of the argument Product Name/Product Title…