2 matches found
CVE-2018-9015
dsmall v20180320 allows XSS via the public/index.php/home/predeposit/index.html pdrsn parameter aka the CMS search box...
CVE-2018-9015
CVE-2018-9015 affects dsmall v20180320, with a cross-site scripting (XSS) vulnerability exploitable via the public/index.php/home/predeposit/index.html page’s pdr_sn parameter (the CMS search box). The issue stems from unsanitized input in the pdr_sn field, enabling injection of arbitrary web scr...