{"id":"CVE-2025-13443","details":"A vulnerability was detected in macrozheng mall up to 1.0.3. Affected by this issue is the function delete of the file /member/readHistory/delete. Performing manipulation of the argument ids results in improper access controls. Remote exploitation of the attack is possible. The exploit is now public and may be used.","modified":"2026-03-14T12:41:29.743007Z","published":"2025-11-20T15:17:25.267Z","references":[{"type":"ADVISORY","url":"https://vuldb.com/?id.333016"},{"type":"ADVISORY","url":"https://vuldb.com/?submit.690892"},{"type":"REPORT","url":"https://github.com/Hwwg/cve/issues/15"},{"type":"REPORT","url":"https://vuldb.com/?ctiid.333016"}],"affected":[{"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-13443.json","unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"1.0.3"}]}]}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"}]}