Metrics
Affected Vendors & Products
Mon, 16 Sep 2024 13:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Project Team
Project Team tmall Demo |
|
CPEs | cpe:2.3:a:project_team:tmall_demo:*:*:*:*:*:*:*:* | |
Vendors & Products |
Project Team
Project Team tmall Demo |
Mon, 09 Sep 2024 15:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Mini
Mini mini-tmall |
|
CPEs | cpe:2.3:a:mini:mini-tmall:*:*:*:*:*:*:*:* | |
Vendors & Products |
Mini
Mini mini-tmall |
|
Metrics |
ssvc
|
Sun, 08 Sep 2024 02:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | A vulnerability, which was classified as critical, was found in Mini-Tmall up to 20240901. Affected is the function rewardMapper.select of the file tmall/admin/order/1/1. The manipulation of the argument orderBy leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | |
Title | Mini-Tmall 1 rewardMapper.select sql injection | |
Weaknesses | CWE-89 | |
References |
| |
Metrics |
cvssV2_0
|
Status: PUBLISHED
Assigner: VulDB
Published: 2024-09-08T02:31:13.759Z
Updated: 2024-09-09T14:40:52.935Z
Reserved: 2024-09-07T06:25:02.420Z
Link: CVE-2024-8568
Updated: 2024-09-09T14:40:47.048Z
Status : Analyzed
Published: 2024-09-08T03:15:01.833
Modified: 2024-09-16T13:22:31.087
Link: CVE-2024-8568
No data.