← Back

Starsea99

starsea99

7 CVEs • 1 product

Products (1)

Click to collapse
Toggle
Starsea Mall
starsea-mall
7 CVEs

CVEs (7)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2025-2352
1Starsea99
1Starsea Mall
Oct 10, 2025
Mar 16, 2025
4.8 MEDIUM· v4
5.4 MEDIUM· v3
3.3 LOW· v2
A vulnerability, which was classified as problematic, has been found in StarSea99 starsea-mall 1.0. This issue affects some unknown processing of the file /admin/indexConfigs/save of the component Backend. The manipulati...Show more
A vulnerability, which was classified as problematic, has been found in StarSea99 starsea-mall 1.0. This issue affects some unknown processing of the file /admin/indexConfigs/save of the component Backend. The manipulation of the argument categoryName leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. This product does not use versioning. This is why information about affected and unaffected releases are unavailable. Other parameters might be affected as well. The vendor was contacted early about this disclosure but did not respond in any way.Show less
CVE-2025-2089
1Starsea99
1Starsea Mall
Oct 10, 2025
Mar 7, 2025
5.3 MEDIUM· v4
5.4 MEDIUM· v3
5.5 MEDIUM· v2
A vulnerability has been found in StarSea99 starsea-mall 1.0/2.X and classified as critical. Affected by this vulnerability is the function updateUserInfo of the file /personal/updateInfo of the component com.siro.mall.c...Show more
A vulnerability has been found in StarSea99 starsea-mall 1.0/2.X and classified as critical. Affected by this vulnerability is the function updateUserInfo of the file /personal/updateInfo of the component com.siro.mall.controller.mall.UserController. The manipulation of the argument userId leads to improper access controls. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.Show less
CVE-2025-2087
1Starsea99
1Starsea Mall
Mar 13, 2025
Mar 7, 2025
5.1 MEDIUM· v4
6.1 MEDIUM· v3
4.0 MEDIUM· v2
A vulnerability, which was classified as problematic, has been found in StarSea99 starsea-mall 1.0. This issue affects some unknown processing of the file /admin/goods/update. The manipulation of the argument goodsName l...Show more
A vulnerability, which was classified as problematic, has been found in StarSea99 starsea-mall 1.0. This issue affects some unknown processing of the file /admin/goods/update. The manipulation of the argument goodsName leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.Show less
CVE-2025-2086
1Starsea99
1Starsea Mall
Mar 13, 2025
Mar 7, 2025
5.1 MEDIUM· v4
6.1 MEDIUM· v3
4.0 MEDIUM· v2
A vulnerability classified as problematic was found in StarSea99 starsea-mall 1.0. This vulnerability affects unknown code of the file /admin/indexConfigs/update. The manipulation of the argument redirectUrl leads to cro...Show more
A vulnerability classified as problematic was found in StarSea99 starsea-mall 1.0. This vulnerability affects unknown code of the file /admin/indexConfigs/update. The manipulation of the argument redirectUrl leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.Show less
CVE-2025-2085
1Starsea99
1Starsea Mall
Mar 13, 2025
Mar 7, 2025
5.1 MEDIUM· v4
6.1 MEDIUM· v3
4.0 MEDIUM· v2
A vulnerability classified as problematic has been found in StarSea99 starsea-mall 1.0. This affects an unknown part of the file /admin/carousels/save. The manipulation of the argument redirectUrl leads to cross site scr...Show more
A vulnerability classified as problematic has been found in StarSea99 starsea-mall 1.0. This affects an unknown part of the file /admin/carousels/save. The manipulation of the argument redirectUrl leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.Show less
CVE-2025-0400
1Starsea99
1Starsea Mall
Oct 10, 2025
Jan 12, 2025
5.1 MEDIUM· v4
5.4 MEDIUM· v3
3.3 LOW· v2
A vulnerability was found in StarSea99 starsea-mall 1.0. It has been rated as problematic. This issue affects some unknown processing of the file /admin/categories/update. The manipulation of the argument categoryName le...Show more
A vulnerability was found in StarSea99 starsea-mall 1.0. It has been rated as problematic. This issue affects some unknown processing of the file /admin/categories/update. The manipulation of the argument categoryName leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.Show less
CVE-2025-0399
1Starsea99
1Starsea Mall
Oct 10, 2025
Jan 12, 2025
5.1 MEDIUM· v4
7.2 HIGH· v3
5.8 MEDIUM· v2
A vulnerability was found in StarSea99 starsea-mall 1.0. It has been declared as critical. This vulnerability affects the function UploadController of the file src/main/java/com/siro/mall/controller/common/uploadControll...Show more
A vulnerability was found in StarSea99 starsea-mall 1.0. It has been declared as critical. This vulnerability affects the function UploadController of the file src/main/java/com/siro/mall/controller/common/uploadController.java. The manipulation of the argument file leads to unrestricted upload. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.Show less