CVE-2026-8772
MEDIUM
NVD
CVSS Score
4.7
Severity
MEDIUM
Published
May 18, 2026
Vendor
unknown
Description
A weakness has been identified in linlinjava litemall up to 1.8.0. Affected is an unknown function of the component Admin Endpoint. Executing a manipulation can lead to sql injection. The attack can be executed remotely. The exploit has been made available to the public and could be used for attacks. Multiple endpoints are affected. The vendor was contacted early about this disclosure but did not respond in any way.