Browse all 8 CVE security advisories affecting linlinjava. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Linlinjava is a Java-based web application framework primarily used for developing enterprise-level business applications. Historically, it has been associated with multiple remote code execution (RCE) vulnerabilities, cross-site scripting (XSS) flaws, and privilege escalation issues, accounting for its eight recorded CVEs. The framework's security posture has been characterized by insufficient input validation and improper access controls in earlier versions. While no major public security incidents have been widely documented, the consistent pattern of vulnerabilities suggests a need for rigorous security testing and prompt patching when using this technology in production environments.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-10291 | linlinjava litemall cancel WxAftersaleController improper authorization — litemallCWE-285 | 6.3 | Medium | 2025-09-12 |
| CVE-2025-8991 | linlinjava litemall Business Logic express logic error — litemallCWE-840 | 4.3 | Medium | 2025-08-15 |
| CVE-2025-8974 | linlinjava litemall JSON Web Token JwtHelper.java hard-coded credentials — litemallCWE-798 | 3.7 | Low | 2025-08-14 |
| CVE-2025-8965 | linlinjava litemall Endpoint AdminStorageController.java create unrestricted upload — litemallCWE-434 | 6.3 | Medium | 2025-08-14 |
| CVE-2025-8764 | linlinjava litemall upload unrestricted upload — litemallCWE-434 | 6.3 | Medium | 2025-08-09 |
| CVE-2025-8753 | linlinjava litemall File delete path traversal — litemallCWE-22 | 5.4 | Medium | 2025-08-09 |
| CVE-2025-6702 | linlinjava litemall post improper authorization — litemallCWE-285 | 4.3 | Medium | 2025-06-26 |
| CVE-2024-6452 | linlinjava litemall AdminGoodscontroller.java sql injection — litemallCWE-89 | 6.3 | Medium | 2024-07-02 |
This page lists every published CVE security advisory associated with linlinjava. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.