CVE-2025-8764 – Linlinjava Litemall Unrestricted File Upload Vulnerability

August 9, 2025

CVE ID : CVE-2025-8764

Published : Aug. 9, 2025, 7:15 p.m. | 4 hours, 25 minutes ago

Description : A vulnerability classified as critical has been found in linlinjava litemall up to 1.8.0. Affected is the function Upload of the file /wx/storage/upload. The manipulation of the argument File leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

Severity: 6.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-8765 – Datacom DM955 5GT 1200 Wireless Basic Settings Cross Site Scripting Vulnerability

Next Article CVE-2025-8763 – Ruijie EG306MG StrongSwan Aggressive Mode PSK Encryption Bypass Vulnerability

CodeSOD: Across the 4th Dimension

Cursor vs GitHub Copilot (2025): Which AI Platform Wins for Your Node.js Dev Team?

NuGet adds support for Trusted Publishing

AWS launches IDE extension for building browser automation agents

Distribution Release: Kali Linux 2025.3

Distribution Release: SysLinuxOS 13

Development Release: MX Linux 25 Beta 1

DistroWatch Weekly, Issue 1140

Beyond Denial: How AI Concierge Services Can Transform Healthcare from Reactive to Proactive

Beyond Denial: How AI Concierge Services Can Transform Healthcare from Reactive to Proactive

IDC ServiceScape for Microsoft Power Apps Low-Code/No-Code Custom Application Development Services

A Stream-Oriented UI library for interactive web applications

FOSS Weekly #25.39: Kill Switch Phones, LMDE 7, Zorin OS 18 Beta, Polybar, Apt History and More Linux Stuff

FOSS Weekly #25.39: Kill Switch Phones, LMDE 7, Zorin OS 18 Beta, Polybar, Apt History and More Linux Stuff

Distribution Release: Kali Linux 2025.3

Distribution Release: SysLinuxOS 13

CVE-2025-8764 – Linlinjava Litemall Unrestricted File Upload Vulnerability

Cursor AI Code Editor Flaw Enables Silent Code Execution via Malicious Repositories

Introducing HybridPetya: Petya/NotPetya copycat with UEFI Secure Boot bypass

b3sum – implementation of the BLAKE3 hash function

CVE-2025-23166 – Node.js Cryptographic Denial of Service Vulnerability

CVE-2025-6447 – “Simple Online Hotel Reservation System SQL Injection Vulnerability”

Retrieve the Currently Executing Closure in PHP 8.5

11 Vibe Coding Tools to 10x Your Development on Linux Desktop

CVE-2025-4898 – SourceCodester Student Result Management System Logo File Handler Remote Path Traversal Vulnerability

CVE-2025-4512 – Inetum IODAS Cross-Site Scripting Vulnerability

CVE-2025-36852 – Amazon S3/Google Cloud Storage Remote Cache Artifact Injection Vulnerability

CVE-2025-8764 – Linlinjava Litemall Unrestricted File Upload Vulnerability

Related Posts