All 5 CVE vulnerabilities found in JPACookieShop 蛋糕商城JPA版, with AI-generated Chinese analysis, references, and POCs.
Vendor: jerryshensjf
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-8223 | jerryshensjf JPACookieShop 蛋糕商城JPA版 AdminTypeCustController.java cross-site request forgery CWE-352 | 4.3 | Medium | 2025-07-27 |
| CVE-2025-8222 | jerryshensjf JPACookieShop 蛋糕商城JPA版 GoodsController.java cross site scripting CWE-79 | 3.5 | Low | 2025-07-27 |
| CVE-2025-8221 | jerryshensjf JPACookieShop 蛋糕商城JPA版 GoodsCustController.java goodsSearch cross site scripting CWE-79 | 4.3 | Medium | 2025-07-27 |
| CVE-2025-7939 | jerryshensjf JPACookieShop 蛋糕商城JPA版 GoodsController.java addGoods unrestricted upload CWE-434 | 6.3 | Medium | 2025-07-21 |
| CVE-2025-7938 | jerryshensjf JPACookieShop 蛋糕商城JPA版 GoodsController.java updateGoods authorization CWE-639 | 4.3 | Medium | 2025-07-21 |
All 5 known CVE vulnerabilities affecting JPACookieShop 蛋糕商城JPA版 with full Chinese analysis, references, and POCs where available.