CVE-2025-8741
BaseFortify
Publication date: 2025-08-08
Last updated on: 2026-04-29
Assigner: VulDB
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| macrozheng | mall | to 1.0.3 (inc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-319 | The product transmits sensitive or security-critical data in cleartext in a communication channel that can be sniffed by unauthorized actors. |
| CWE-310 | Cryptographic Issues |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in macrozheng mall up to version 1.0.3, specifically in an unknown functionality of the /admin/login file. It allows sensitive information to be transmitted in cleartext, which can be intercepted by attackers. The attack can be launched remotely but is considered to have high complexity and is difficult to exploit. The exploit has been publicly disclosed, and the vendor did not respond to the disclosure.
How can this vulnerability impact me? :
The vulnerability can lead to sensitive information being exposed during transmission, potentially allowing attackers to intercept and misuse this data. This could compromise the security of user credentials or other sensitive admin information, leading to unauthorized access or data breaches.