exploitDog

CVE-2025-9514

Опубликовано: 27 авг. 2025

Источник: nvd

CVSS3: 3.7

CVSS2: 2.6

EPSS Низкий

Описание

A vulnerability has been found in macrozheng mall up to 1.0.3. This impacts an unknown function of the component Registration. Such manipulation leads to weak password requirements. The attack can be executed remotely. Attacks of this nature are highly complex. The exploitability is said to be difficult. The vendor deleted the GitHub issue for this vulnerability without and explanation.

Ссылки

https://github.com/macrozheng/mall/issues/923
Not Applicable
https://vuldb.com/?ctiid.321507
Permissions Required
VDB Entry
https://vuldb.com/?id.321507
Third Party Advisory
VDB Entry
https://vuldb.com/?submit.635503
Third Party Advisory
VDB Entry

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:macrozheng:mall:*:*:*:*:*:*:*:*

Версия до 1.0.3 (включая)

EPSS

Процентиль: 8%

0.00029

Низкий

3.7 Low

CVSS3

2.6 Low

CVSS2

Дефекты

CWE-521

Связанные уязвимости

GHSA-3mmp-v5fp-4vcm

CVSS3: 3.7

github

5 месяцев назад

A vulnerability has been found in macrozheng mall up to 1.0.3. This impacts an unknown function of the component Registration. Such manipulation leads to weak password requirements. The attack can be executed remotely. Attacks of this nature are highly complex. The exploitability is said to be difficult. The vendor deleted the GitHub issue for this vulnerability without and explanation.

EPSS

Процентиль: 8%

0.00029

Низкий

3.7 Low

CVSS3

2.6 Low

CVSS2

Дефекты

CWE-521