Analysis and contextual insights are available on OpenCVE Cloud.
No vendor fix or workaround currently provided.
Additional remediation guidance may be available on OpenCVE Cloud.
Tracking
Sign in to view the affected projects.
No advisories yet.
Tue, 14 Jul 2026 22:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | A vulnerability was determined in zhinianboke xianyu-auto-reply on Server. Affected by this vulnerability is an unknown functionality of the file /api/v1/payment/withdraw/review?action=approve. Executing a manipulation can lead to trusting http permission methods on the server side. The attack may be launched remotely. The exploit has been publicly disclosed and may be utilized. This patch is called 19fc3282a1bb78a05c34945c088525d20e081cbd. It is best practice to apply a patch to resolve this issue. | |
| Title | zhinianboke xianyu-auto-reply review approve trusting http permission methods on the server side | |
| First Time appeared |
Zhinianboke
Zhinianboke xianyu-auto-reply |
|
| Weaknesses | CWE-650 | |
| CPEs | cpe:2.3:a:zhinianboke:xianyu-auto-reply:*:*:*:*:*:*:*:* | |
| Vendors & Products |
Zhinianboke
Zhinianboke xianyu-auto-reply |
|
| References |
|
|
| Metrics |
cvssV2_0
|
Status: PUBLISHED
Assigner: VulDB
Published:
Updated: 2026-07-14T22:30:09.981Z
Reserved: 2026-07-14T15:51:28.328Z
Link: CVE-2026-15753
No data.
No data.
No data.
OpenCVE Enrichment
No data.