Submeter #695943: youlai-mall latest Improper Control of Resource Identifiersinformação

Títuloyoulai-mall latest Improper Control of Resource Identifiers
Descriçãoyoulai-mall improper access control on App order deletion allows horizontal privilege escalation via orderId
Fonte⚠️ https://github.com/Hwwg/cve/issues/23
Utilizador
 huangweigang (UID 88993)
Submissão15/11/2025 07h39 (há 5 meses)
Moderação05/12/2025 09h35 (20 days later)
EstadoAceite
Entrada VulDB334476 [youlaitech youlai-mall 1.0.0/2.0.0 /app-api/v1/orders/ orderId Elevação de Privilégios]
Pontos14

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!