CVE-2025-8753

Name of the Vulnerable Software and Affected Versions: linlinjava litemall versions up to 1.8.0

Description: A critical issue exists in linlinjava litemall up to version 1.8.0 related to path traversal. The delete function within the File Handler component, located at the /admin/storage/delete API endpoint, is affected. Manipulation of the key parameter can lead to unauthorized file deletion. The exploit has been publicly disclosed.

Recommendations: linlinjava litemall versions prior to 1.8.0 should be used.