All 7 CVE vulnerabilities found in newbee-mall, with AI-generated Chinese analysis, references, and POCs.
Vendor: n/a
| CVE ID | Title | CVSS | Severity | Paused |
|---|---|---|---|---|
| CVE-2026-2658 | newbee-ltd newbee-mall Multiple Endpoints cross-site request forgery CWE-352 | 4.3 | Medium | 2026-02-18 |
| CVE-2026-26219 | newbee-mall Unsalted MD5 Password Hashing Enables Offline Credential Cracking CWE-327 | 9.1 | Critical | 2026-02-12 |
| CVE-2026-26218 | newbee-mall Default Seeded Administrator Credentials Allow Account Takeover CWE-798 | 9.8 | Critical | 2026-02-12 |
| CVE-2025-10423 | newbee-mall kaptcha mallKaptcha Captcha CWE-804 | 3.7 | Low | 2025-09-15 |
| CVE-2025-10422 | newbee-mall Order Status paySuccess improper authorization CWE-285 | 4.3 | Medium | 2025-09-15 |
| CVE-2025-4259 | newbee-mall UploadController.java upload unrestricted upload CWE-434 | 6.3 | Medium | 2025-05-05 |
| CVE-2025-1114 | newbee-mall Add Category Page save cross site scripting CWE-79 | 3.5 | Low | 2025-02-07 |
All 7 known CVE vulnerabilities affecting newbee-mall with full Chinese analysis, references, and POCs where available.