LOW
linlinjava
CVE published 2026-05-18
CVE-2026-8773
A low-severity argument injection vulnerability exists in the linlinjava litemall project, affecting versions up to 1.8.0. The vulnerability resides in the `backup/load` function within `DbUtil.java`, where improper handling of the `db/password` parameter allows remote attackers to inject arguments. The CVSS 4.0 score of 2.0 reflects limited impact due to high privileges required for exploitation. The ven [truncated]