CVE-2024-57434 – Macrozheng Mall-Tiny Default Test User Super Admin Account Creation Vulnerability

The following table lists the changes that have been made to the CVE-2024-57434 vulnerability over time.

Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability’s severity, exploitability, or other characteristics.

  • CVE Modified by 134c704f-9b21-4f2e-91b3-4a467353bcc0

    Feb. 03, 2025

    Action Type Old Value New Value
    Added CVSS V3.1 AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
    Added CWE CWE-863
    Added Reference https://github.com/peccc/restful_vul/blob/main/mall_tiny_weak_password/mall_tiny_weak_password.md
  • New CVE Received by [email protected]

    Jan. 31, 2025

    Action Type Old Value New Value
    Added Description macrozheng mall-tiny 1.0.1 is vulnerable to Incorrect Access Control. The project imports users by default, and the test user is made a super administrator.
    Added Reference https://github.com/peccc/restful_vul/blob/main/mall_tiny_weak_password/mall_tiny_weak_password.md

نوشته های مشابه

CVE-2024-53320 – Qualisys C++ SDK Buffer Overflow Vulnerability

CVE-2024-12859 – BoomBox Theme Extensions WordPress Local File Inclusionцами Vulnerability

CVE-2024-57968 – Advantive VeraCore Unrestricted File Upload Vulnerability

CVE-2025-24960 – Jellystat Path Traversal Vulnerability in Jellyfin Statistics App