| Title | https://gitee.com/xiweicheng/tms/ Merchant Mall - Mall Development/TMS 1.0 Unrestricted Upload |
|---|
| Description | Merchant Mall - The TMS system developed for the mall has an arbitrary file upload vulnerability. This vulnerability is a high-risk security flaw caused by the web application's failure to strictly verify or filter user-uploaded files. |
|---|
| Source | ⚠️ https://github.com/bkglfpp/CVE-md/blob/main/%E5%95%86%E6%88%B7%E5%95%86%E5%9F%8E%E2%80%94%E5%95%86%E5%9F%8E%E5%BC%80%E5%8F%91tms/%E6%96%87%E4%BB%B6%E4%B8%8A%E4%BC%A0.md |
|---|
| User | youran (UID 89737) |
|---|
| Submission | 01/04/2026 09:40 (5 months ago) |
|---|
| Moderation | 01/16/2026 20:09 (12 days later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 341629 [xiweicheng TMS up to 2.28.0 FileController.java upload filename unrestricted upload] |
|---|
| Points | 16 |
|---|