Skip to main content

Wangmarket

6 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest
CVE-2025-15452 LOW POC Monitor

A weakness has been identified in xnx3 wangmarket up to 4.9. This affects the function variableList of the file /admin/system/variableList.do of the component Backend Variable Search. [CVSS 2.4 LOW]

XSS Wangmarket
NVD VulDB
CVSS 4.0
1.9
EPSS
0.0%
CVE-2025-15451 LOW POC Monitor

A security flaw has been discovered in xnx3 wangmarket up to 4.9. Affected by this issue is some unknown functionality of the file /admin/system/variableSave.do of the component System Variables Page. [CVSS 2.4 LOW]

XSS Wangmarket
NVD VulDB
CVSS 4.0
1.9
EPSS
0.0%
CVE-2025-15416 LOW POC Monitor

A vulnerability was found in xnx3 wangmarket up to 6.4. This affects an unknown function of the file /siteVar/save.do of the component Add Global Variable Handler. [CVSS 2.4 LOW]

XSS Wangmarket
NVD GitHub VulDB
CVSS 4.0
1.9
EPSS
0.0%
CVE-2025-15415 LOW POC Monitor

A vulnerability has been found in xnx3 wangmarket up to 6.4. The impacted element is the function uploadImage of the file /sits/uploadImage.do of the component XML File Handler. [CVSS 4.7 MEDIUM]

File Upload Authentication Bypass Wangmarket
NVD GitHub VulDB
CVSS 4.0
2.0
EPSS
0.0%
CVE-2025-25770 MEDIUM POC This Month

Wangmarket v4.10 to v5.0 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /agency/AgencyUserController.java. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

CSRF Wangmarket
NVD
CVSS 3.1
6.8
EPSS
0.0%
CVE-2025-25769 HIGH This Week

Wangmarket v4.10 to v5.0 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /controller/UserController.java. Rated high severity (CVSS 8.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

CSRF Wangmarket
NVD
CVSS 3.1
8.0
EPSS
0.0%
CVE-2025-15452
EPSS 0% CVSS 1.9
LOW POC Monitor

A weakness has been identified in xnx3 wangmarket up to 4.9. This affects the function variableList of the file /admin/system/variableList.do of the component Backend Variable Search. [CVSS 2.4 LOW]

XSS Wangmarket
NVD VulDB
CVE-2025-15451
EPSS 0% CVSS 1.9
LOW POC Monitor

A security flaw has been discovered in xnx3 wangmarket up to 4.9. Affected by this issue is some unknown functionality of the file /admin/system/variableSave.do of the component System Variables Page. [CVSS 2.4 LOW]

XSS Wangmarket
NVD VulDB
CVE-2025-15416
EPSS 0% CVSS 1.9
LOW POC Monitor

A vulnerability was found in xnx3 wangmarket up to 6.4. This affects an unknown function of the file /siteVar/save.do of the component Add Global Variable Handler. [CVSS 2.4 LOW]

XSS Wangmarket
NVD GitHub VulDB
CVE-2025-15415
EPSS 0% CVSS 2.0
LOW POC Monitor

A vulnerability has been found in xnx3 wangmarket up to 6.4. The impacted element is the function uploadImage of the file /sits/uploadImage.do of the component XML File Handler. [CVSS 4.7 MEDIUM]

File Upload Authentication Bypass Wangmarket
NVD GitHub VulDB
CVE-2025-25770
EPSS 0% CVSS 6.8
MEDIUM POC This Month

Wangmarket v4.10 to v5.0 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /agency/AgencyUserController.java. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

CSRF Wangmarket
NVD
CVE-2025-25769
EPSS 0% CVSS 8.0
HIGH This Week

Wangmarket v4.10 to v5.0 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /controller/UserController.java. Rated high severity (CVSS 8.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

CSRF Wangmarket
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy