Macrozheng Mall Tiny
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Macrozheng Mall Tiny.
By the Year
In 2026 there have been 0 vulnerabilities in Macrozheng Mall Tiny. Last year, in 2025 Mall Tiny had 4 security vulnerabilities published. Right now, Mall Tiny is on track to have less security vulnerabilities in 2026 than it did last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 0 | 0.00 |
| 2025 | 4 | 0.00 |
It may take a day or so for new Mall Tiny vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Macrozheng Mall Tiny Security Vulnerabilities
Mall-tiny 1.0.1 NULL Deref DoS via Auth
CVE-2024-57435
- January 31, 2025
In macrozheng mall-tiny 1.0.1, an attacker can send null data through the resource creation interface resulting in a null pointer dereference occurring in all subsequent operations that require authentication, which triggers a denial-of-service attack and service restart failure.
mall-tiny 1.0.1 Incorrect Access Control via Default Test Admin Import
CVE-2024-57434
- January 31, 2025
macrozheng mall-tiny 1.0.1 is vulnerable to Incorrect Access Control. The project imports users by default, and the test user is made a super administrator.
Incorrect Access Control via Logout in Mall-Tiny 1.0.1
CVE-2024-57433
- January 31, 2025
macrozheng mall-tiny 1.0.1 is vulnerable to Incorrect Access Control via the logout function. After a user logs out, their token is still available and fetches information in the logged-in state.
CVE-2024-57432: mall-tiny 1.0.1 JWT Key Hardcoding -> Auth Bypass
CVE-2024-57432
- January 31, 2025
macrozheng mall-tiny 1.0.1 suffers from Insecure Permissions. The application's JWT signing keys are hardcoded and do not change. User information is explicitly written into the JWT and used for subsequent privilege management, making it is possible to forge the JWT of any user to achieve authentication bypass.
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Macrozheng Mall Tiny or by Macrozheng? Click the Watch button to subscribe.
