MEDIUM🇵🇱 Wersja polska

CVE-2025-8742

CVSS 6.3v4.0pub. 2025-08-08upd. 2025-09-02

A vulnerability was found in macrozheng mall 1.0.3. It has been rated as problematic. Affected by this issue is some unknown functionality of the component Admin Login. The manipulation leads to improper restriction of excessive authentication attempts. The attack may be launched remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The vendor was contacted early about this disclosure but did not respond in any way.

CVSS Vector
CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
  • Macrozheng Mall

    APP
    Macrozheng
    ≤ 1.0.3
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2026-25858CRITICAL9.3PL ✓ten sam produkt

Macrozheng Mall – nieuwierzytelnione przejęcie konta przez ujawnienie OTP

CVE-2025-9514MEDIUM6.3ten sam produkt

A vulnerability has been found in macrozheng mall up to 1.0.3. This impacts an unknown function of the compone...

CVE-2025-8755MEDIUM5.5ten sam produkt

A vulnerability was found in macrozheng mall up to 1.0.3 and classified as problematic. This issue affects the...

CVE-2025-15118LOW2.1ten sam produkt

W macrozheng mall do wersji 1.0.3 wykryto lukę bezpieczeństwa dotyczącą nieznanego kodu w pliku /member/addres...

CVE-2025-13443LOW2.1ten sam produkt

W mall macrozheng do wersji 1.0.3 wykryto podatność. Problem dotyczy funkcji delete w pliku /member/readHistor...

CVE-2025-8742 — Macrozheng — Mall — MEDIUM — CVSS 6.3 | CVEbaza.pl