Product:

Xmall

(Exrick)
Repositories

Unknown:

This might be proprietary software.
#Vulnerabilities 3
Date Id Summary Products Score Patch Annotated
2025-05-05 CVE-2025-45612 Incorrect access control in xmall v1.1 allows attackers to bypass authentication via a crafted GET request to /index. Xmall N/A
2024-02-06 CVE-2024-24112 xmall v1.1 was discovered to contain a SQL injection vulnerability via the orderDir parameter. Xmall 9.8
2022-04-07 CVE-2021-43432 A Cross Site Scripting (XSS) vulnerability exists in Exrick XMall Admin Panel as of 11/7/2021 via the GET parameter in product-add.jsp. Xmall 6.1