CVE-2025-8742

Source
https://cve.org/CVERecord?id=CVE-2025-8742
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-8742.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2025-8742
Published
2025-08-08T22:02:05.587Z
Modified
2026-07-08T08:06:53.920709793Z
Severity
  • 6.3 (Medium) CVSS_V4 - CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X CVSS Calculator
Summary
macrozheng mall Admin Login excessive authentication
Details

A vulnerability was found in macrozheng mall 1.0.3. It has been rated as problematic. Affected by this issue is some unknown functionality of the component Admin Login. The manipulation leads to improper restriction of excessive authentication attempts. The attack may be launched remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The vendor was contacted early about this disclosure but did not respond in any way.

Database specific
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/8xxx/CVE-2025-8742.json",
    "cna_assigner": "VulDB",
    "cwe_ids": [
        "CWE-307",
        "CWE-799"
    ],
    "unresolved_ranges": [
        {
            "extracted_events": [
                {
                    "introduced": "1.0.3"
                },
                {
                    "last_affected": "1.0.3"
                }
            ],
            "source": "AFFECTED_FIELD"
        }
    ]
}
References

Affected packages

Git / github.com/macrozheng/mall

Affected ranges

Type
GIT
Repo
https://github.com/macrozheng/mall
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
Database specific
{
    "cpe": "cpe:2.3:a:macrozheng:mall:*:*:*:*:*:*:*:*",
    "extracted_events": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.0.3"
        }
    ],
    "source": "CPE_RANGE"
}

Affected versions

v1.*
v1.0.0
v1.0.1
v1.0.2
v1.0.3

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-8742.json"