
Litemall

1 CVEs product


CVE-2024-46382 HIGH POC This Week

SQL injection in linlinjava litemall 1.8.0 allows unauthenticated remote attackers to extract sensitive data from the backend database by injecting malicious payloads into the goodsId, goodsSn, and name parameters handled by AdminOrderController.java. Publicly available exploit code exists, though EPSS rates exploitation probability low at 0.12% (30th percentile) and the issue is not listed in CISA KEV.

SQLi Litemall
NVD GitHub VulDB
CVSS 3.1: 7.5
EPSS: 0.1%
