Early Access — Mondoo Vulnerability Intelligence is currently in preview.
A security vulnerability has been detected in macrozheng mall up to 1.0.3. This vulnerability affects unknown code of the file /member/address/update/ of the component Member Endpoint. The manipulation leads to improper authorization. Remote exploitation of the attack is possible. The exploit has been disclosed publicly and may be used.
Exploitability
AV:NAC:LAT:NPR:LUI:NVulnerable System
VC:NVI:LVA:NSubsequent System
SC:NSI:NSA:N5.3/CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P