CVE-2025-9514

macrozheng mall Registration weak password

CVSS 6.3 MEDIUMEPSS 0.4%CWE-521

A vulnerability has been found in macrozheng mall up to 1.0.3. This impacts an unknown function of the component Registration. Such manipulation leads to weak password requirements. The attack can be executed remotely. Attacks of this nature are highly complex. The exploitability is said to be difficult. The vendor deleted the GitHub issue for this vulnerability without and explanation.

CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X

Produtos afetados

macrozheng · mall

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://github.com/macrozheng/mall/issues/923 https://vuldb.com/?ctiid.321507 https://vuldb.com/?id.321507 https://vuldb.com/?submit.635503