CVE-2025-8755 – Macrozheng Mall Authorization Bypass Vulnerability

August 9, 2025

CVE ID : CVE-2025-8755

Published : Aug. 9, 2025, 2:15 p.m. | 9 hours, 25 minutes ago

Description : A vulnerability was found in macrozheng mall up to 1.0.3 and classified as problematic. This issue affects the function detail of the file UmsMemberController.java of the component com.macro.mall.portal.controller. The manipulation of the argument orderId leads to authorization bypass. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Severity: 5.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2022-50233 – Linux Kernel Bluetooth eir strlen Vulnerability

Next Article CVE-2025-8753 – Linlinjava Litemall File Handler Path Traversal Vulnerability

Highlights

CVE-2025-5906 – Code-projects Laundry System Remote Authentication Bypass

June 9, 2025

CVE ID : CVE-2025-5906

Published : June 10, 2025, 1:15 a.m. | 23 minutes ago

Description : A vulnerability classified as critical has been found in code-projects Laundry System 1.0. This affects an unknown part of the file /data/. The manipulation leads to missing authentication. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

Severity: 7.3 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Coded Smorgasbord: High Strung

Chainguard launches trusted collection of verified JavaScript libraries

CData launches Connect AI to provide agents access to enterprise data sources

PostgreSQL 18 adds asynchronous I/O to improve performance

Distribution Release: Kali Linux 2025.3

Distribution Release: SysLinuxOS 13

Development Release: MX Linux 25 Beta 1

DistroWatch Weekly, Issue 1140

PHP 8.5.0 RC 1 available for testing

PHP 8.5.0 RC 1 available for testing

Terraform Code Generator Using Ollama and CodeGemma

Beyond Denial: How AI Concierge Services Can Transform Healthcare from Reactive to Proactive

FOSS Weekly #25.39: Kill Switch Phones, LMDE 7, Zorin OS 18 Beta, Polybar, Apt History and More Linux Stuff

FOSS Weekly #25.39: Kill Switch Phones, LMDE 7, Zorin OS 18 Beta, Polybar, Apt History and More Linux Stuff

Distribution Release: Kali Linux 2025.3

Distribution Release: SysLinuxOS 13

CVE-2025-8755 – Macrozheng Mall Authorization Bypass Vulnerability

Cursor AI Code Editor Flaw Enables Silent Code Execution via Malicious Repositories

Introducing HybridPetya: Petya/NotPetya copycat with UEFI Secure Boot bypass

Mafia: The Old Country, Witch It, and More Xbox Games Launching This Week

Circana: Xbox may have finally seen some solid YoY hardware growth, both in units and retail sales

YaST2 is a GRUB graphical configuration tool for openSUSE

CVE-2025-2905 (CVSS 9.1): Critical XXE Vulnerability Found in WSO2 API Manager

CVE-2025-5906 – Code-projects Laundry System Remote Authentication Bypass

CVE-2025-48493 – “Redis AUTH Credentials Exposed in Yii Logs”

CVE-2025-28388 – OpenC3 COSMOS Hardcoded Credentials Vulnerability

Writing Your First Terraform Configuration: A Step-by-Step Guide

CVE-2025-8755 – Macrozheng Mall Authorization Bypass Vulnerability

Related Posts