CVE-2025-9514

LOW

macrozheng mall <1.0.3 - Info Disclosure

Title source: llm

Description

A vulnerability has been found in macrozheng mall up to 1.0.3. This impacts an unknown function of the component Registration. Such manipulation leads to weak password requirements. The attack can be executed remotely. Attacks of this nature are highly complex. The exploitability is said to be difficult. The vendor deleted the GitHub issue for this vulnerability without and explanation.

References (4)

Scores

CVSS v3 3.7
EPSS 0.0003
EPSS Percentile 8.0%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

Classification

CWE
CWE-521
Status published

Affected Products (1)

macrozheng/mall < 1.0.3

Timeline

Published Aug 27, 2025
Tracked Since Feb 18, 2026