CVE-2025-4119

Name of the Vulnerable Software and Affected Versions Weitong Mall version 1.0.0

Description A critical issue was found in the Product Statistics Handler component, specifically affecting the /queryTotal file. The manipulation of the isDelete argument with the input 1 leads to improper access controls. This issue can be exploited remotely.

Recommendations For Weitong Mall version 1.0.0, as a temporary workaround, consider restricting access to the /queryTotal file of the Product Statistics Handler component to minimize the risk of exploitation. Avoid using the isDelete argument with the input 1 in the affected component until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.