22 matches found
EUVD-2024-16207
Malicious code in bioql PyPI...
EUVD-2024-16212
Malicious code in bioql PyPI...
CVE-2024-0412
A vulnerability was found in DeShang DSShop up to 3.1.0. It has been declared as problematic. This vulnerability affects unknown code of the file public/install.php of the component HTTP GET Request Handler. The manipulation leads to improper access controls. The attack can be initiated remotely...
CVE-2024-0417
A vulnerability, which was classified as critical, was found in DeShang DSShop up to 2.1.5. This affects an unknown part of the file application/home/controller/MemberAuth.php. The manipulation of the argument memberinfo leads to path traversal: '../filedir'. It is possible to initiate the attack...
CVE-2024-0417
A vulnerability, which was classified as critical, was found in DeShang DSShop up to 2.1.5. This affects an unknown part of the file application/home/controller/MemberAuth.php. The manipulation of the argument memberinfo leads to path traversal: '../filedir'. It is possible to initiate the attack...
Path traversal
A vulnerability, which was classified as critical, was found in DeShang DSShop up to 2.1.5. This affects an unknown part of the file application/home/controller/MemberAuth.php. The manipulation of the argument memberinfo leads to path traversal: '../filedir'. It is possible to initiate the attack...
CVE-2024-0417 DeShang DSShop MemberAuth.php path traversal
A vulnerability, which was classified as critical, was found in DeShang DSShop up to 2.1.5. This affects an unknown part of the file application/home/controller/MemberAuth.php. The manipulation of the argument memberinfo leads to path traversal: '../filedir'. It is possible to initiate the attack...
CVE-2024-0417
CVE-2024-0417 affects DeShang DSShop up to version 2.1.5, with a path traversal flaw in application/home/controller/MemberAuth.php triggered by manipulating the member_info argument. This vulnerability could be exploited remotely, and public disclosures exist. Multiple connected sources corrobora...
CVE-2024-0417 DeShang DSShop MemberAuth.php path traversal
A vulnerability, which was classified as critical, was found in DeShang DSShop up to 2.1.5. This affects an unknown part of the file application/home/controller/MemberAuth.php. The manipulation of the argument memberinfo leads to path traversal: '../filedir'. It is possible to initiate the attack...
CVE-2024-0412
A vulnerability was found in DeShang DSShop up to 3.1.0. It has been declared as problematic. This vulnerability affects unknown code of the file public/install.php of the component HTTP GET Request Handler. The manipulation leads to improper access controls. The attack can be initiated remotely...
CVE-2024-0412
A vulnerability was found in DeShang DSShop up to 3.1.0. It has been declared as problematic. This vulnerability affects unknown code of the file public/install.php of the component HTTP GET Request Handler. The manipulation leads to improper access controls. The attack can be initiated remotely...
Improper access control
A vulnerability was found in DeShang DSShop up to 3.1.0. It has been declared as problematic. This vulnerability affects unknown code of the file public/install.php of the component HTTP GET Request Handler. The manipulation leads to improper access controls. The attack can be initiated remotely...
CVE-2024-0412 DeShang DSShop HTTP GET Request install.php access control
A vulnerability was found in DeShang DSShop up to 3.1.0. It has been declared as problematic. This vulnerability affects unknown code of the file public/install.php of the component HTTP GET Request Handler. The manipulation leads to improper access controls. The attack can be initiated remotely...
CVE-2024-0412 DeShang DSShop HTTP GET Request install.php access control
A vulnerability was found in DeShang DSShop up to 3.1.0. It has been declared as problematic. This vulnerability affects unknown code of the file public/install.php of the component HTTP GET Request Handler. The manipulation leads to improper access controls. The attack can be initiated remotely...
CVE-2024-0412
Affected software: DeShang DSShop up to 3.1.0. Vulnerable component/file: HTTP GET Request Handler, public/install.php. Root cause: improper access controls. Impact: allows remote initiation of exploitation; exploit has been disclosed publicly. Current exploit reliability/availability not quantif...
DeShang DSShop Access Control Error Vulnerability
DeShang DSShop is a single-store mobile mall online store system from DeShang, China. The access control error vulnerability exists in DeShang DSShop prior to version 3.1.0. The vulnerability stems from the file public/install.php of the component HTTP GET Request Handler, which results in...
DeShang DSShop Security Vulnerability
DeShang DSShop is a single-store mobile mall online store system from DeShang. A security vulnerability exists in DeShang DSShop before version 2.1.5, which originates from a path traversal caused by the operation of the parameter memberinfo in the file application/home/controller/MemberAuth.php...
PT-2024-15535 · Deshang · Deshang Dsshop
Name of the Vulnerable Software and Affected Versions: DeShang DSShop versions up to 3.1.0 Description: A vulnerability was found in the HTTP GET Request Handler component, specifically affecting the file public/install.php. This issue leads to improper access controls and can be initiated...
PT-2024-15540 · Deshang · Deshang Dsshop
Name of the Vulnerable Software and Affected Versions: DeShang DSShop versions up to 2.1.5 Description: A critical vulnerability was found in DeShang DSShop, affecting an unknown part of the file application/home/controller/MemberAuth.php. The manipulation of the member info argument leads to pat...
Arbitrary File Deletion Vulnerability in DSShop
DSShop is based on ThinkPHP5 framework for the development of a single store mall system, full support for PC, WAP, microblogging and other terminal equipment, designed for business users to adapt to the entire business model of the solution, can fully meet the operational needs. DSShop arbitrary...