CVE-2024-0413 DeShang DSKMS install.php access control

A vulnerability was found in DeShang DSKMS up to 3.1.2. It has been rated as problematic. This issue affects some unknown processing of the file public/install.php. The manipulation leads to improper access controls. The attack may be initiated remotely. The exploit has been disclosed to the publ...

CVE-2024-0413

CVE-2024-0413 affects DeShang DSKMS up to version 3.1.2. The issue occurs in processing of public/install.php and leads to improper access controls. The vulnerability is network-exploitable with no user interaction, and public exploitation has been disclosed. The core impact is potential unauthor...

CVE-2024-0412 DeShang DSShop HTTP GET Request install.php access control

A vulnerability was found in DeShang DSShop up to 3.1.0. It has been declared as problematic. This vulnerability affects unknown code of the file public/install.php of the component HTTP GET Request Handler. The manipulation leads to improper access controls. The attack can be initiated remotely...

CVE-2024-0411

The CVE-2024-0411 entry concerns DeShang DSMall up to version 6.1.0, affecting the file public/install.php within the HTTP GET Request Handler. The vulnerability enables improper access controls and can be triggered remotely. The exploit has been disclosed publicly. Connected documents corroborat...

CVE-2024-0411 DeShang DSMall HTTP GET Request install.php access control

A vulnerability was found in DeShang DSMall up to 6.1.0. It has been classified as problematic. This affects an unknown part of the file public/install.php of the component HTTP GET Request Handler. The manipulation leads to improper access controls. It is possible to initiate the attack remotely...

CVE-2024-0358 DeShang DSO2O install.php access control

A vulnerability was found in DeShang DSO2O up to 4.1.0. It has been classified as critical. This affects an unknown part of the file /install/install.php. The manipulation leads to improper access controls. It is possible to initiate the attack remotely. The exploit has been disclosed to the publ...

DeShang DSO2O Access Control Error Vulnerability

DeShang DSO2O is a new retail e-commerce system from DeShang, China. An Access Control Error vulnerability exists in DeShang DSO2O version 4.1.0 and earlier, which stems from an unknown section in /install/install.php that results in incorrect access control...

CVE-2023-7193

Affected software: MTab Bookmark (versions up to 1.2.6). Vulnerability in the Installation component, specifically the public/install.php file, described as an access control error due to manipulation of unknown processing within that file. Impact is reported as improper access controls (critical...

CVE-2023-7193 MTab Bookmark Installation install.php access control

A vulnerability was found in MTab Bookmark up to 1.2.6 and classified as critical. This issue affects some unknown processing of the file public/install.php of the component Installation. The manipulation leads to improper access controls. The complexity of an attack is rather high. The...

CVE-2023-7193 MTab Bookmark Installation install.php access control

A vulnerability was found in MTab Bookmark up to 1.2.6 and classified as critical. This issue affects some unknown processing of the file public/install.php of the component Installation. The manipulation leads to improper access controls. The complexity of an attack is rather high. The...

Cross site scripting

A vulnerability was found in PopojiCMS 2.0.1 and classified as problematic. This issue affects some unknown processing of the file install.php of the component Web Config. The manipulation of the argument Site Title with the input alert1 leads to cross site scripting. The attack may be initiated...

Pluck CMS Cross-Site Scripting Vulnerability

Pluck is a content management system CMS developed using the PHP language. A cross-site scripting vulnerability exists in Pluck CMS version 4.7.18, which stems from unknown code in install.php in the component Installation Handler, resulting in cross-site scripting. An attacker can exploit this...

Information disclosure

An issue in TDSQL Chitu management platform v.10.3.19.5.0 allows a remote attacker to obtain sensitive information via getdbinfo function in install.php...

PT-2023-28326 · Unknown · Tdsql Chitu Management Platform

Name of the Vulnerable Software and Affected Versions: TDSQL Chitu management platform version 10.3.19.5.0 Description: An issue in the TDSQL Chitu management platform allows a remote attacker to obtain sensitive information via the get db info function in the install.php file. Recommendations: F...

CVE-2023-42387

An issue in TDSQL Chitu management platform v.10.3.19.5.0 allows a remote attacker to obtain sensitive information via getdbinfo function in install.php...

CVE-2023-5013 Pluck CMS Installation install.php cross site scripting

A vulnerability has been found in Pluck CMS 4.7.18 and classified as problematic. This vulnerability affects unknown code of the file install.php of the component Installation Handler. The manipulation of the argument contents with the input alert'xss' leads to cross site scripting. The attack ca...

PT-2023-31480 · Pluck Cms · Pluck Cms

Name of the Vulnerable Software and Affected Versions: Pluck CMS version 4.7.18 Description: A problematic issue has been identified, affecting the install.php file of the Installation Handler component. The manipulation of the contents argument with the input alert'xss' leads to cross-site...

haraj 1.1 Add Administrator

==================================================================================================================================== | Title : haraj V1.1 Add ADmin Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 63.0.3 32-bit | | Vendor :...

Advanced Testimonials Manager 5.5 Add Administrator

==================================================================================================================================== | Title : Advanced Testimonials Manager v5.5 Reinstall Add Admin Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla...

CVE-2023-29855

WBCE CMS 1.5.3 is affected by a command execution vulnerability in the admin/languages/install.php endpoint. The issue arises from a poorly filtered parameter in the Language Install module, enabling potential arbitrary command execution. Relevant advisories reference this exact vector across mul...