Lucene search
K

82 matches found

Vulnrichment
Vulnrichment
added 2024/01/11 5:31 p.m.3 views

CVE-2024-0416 DeShang DSMall MemberAuth.php path traversal

A vulnerability, which was classified as critical, has been found in DeShang DSMall up to 5.0.3. Affected by this issue is some unknown functionality of the file application/home/controller/MemberAuth.php. The manipulation of the argument filename leads to path traversal: '../filedir'. The attack...

5.5CVSS9.5AI score0.0094EPSS
Exploits0References3
CVE
CVE
added 2024/01/11 5:31 p.m.62 views

CVE-2024-0416

The CVE-2024-0416 entry concerns DeShang DSMall (up to v5.0.3). The vulnerability lies in file application/home/controller/MemberAuth.php, where manipulating the file_name argument triggers a path traversal (../filedir). This is a remote issue and the exploit has public disclosure. Impact is tied...

9.8CVSS9.4AI score0.0094EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2024/01/11 5:31 p.m.23 views

CVE-2024-0415 DeShang DSMall Image URL TaobaoExport.php access control

A vulnerability classified as critical was found in DeShang DSMall up to 6.1.0. Affected by this vulnerability is an unknown functionality of the file application/home/controller/TaobaoExport.php of the component Image URL Handler. The manipulation leads to improper access controls. The attack ca...

6.5CVSS9.8AI score0.00557EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2024/01/11 5:31 p.m.14 views

CVE-2024-0415 DeShang DSMall Image URL TaobaoExport.php access control

A vulnerability classified as critical was found in DeShang DSMall up to 6.1.0. Affected by this vulnerability is an unknown functionality of the file application/home/controller/TaobaoExport.php of the component Image URL Handler. The manipulation leads to improper access controls. The attack ca...

6.5CVSS7AI score0.00557EPSS
Exploits0References3
CVE
CVE
added 2024/01/11 5:31 p.m.37 views

CVE-2024-0415

CVE-2024-0415 affects DeShang DSMall up to version 6.1.0, where an unknown functionality in Image URL Handler (file: application/home/controller/TaobaoExport.php) allows improper access control. The vulnerability can be exploited remotely and was disclosed publicly. Documented mitigation in PT-20...

9.8CVSS9.5AI score0.00557EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2024/01/11 5:15 p.m.17 views

CVE-2024-0411

A vulnerability was found in DeShang DSMall up to 6.1.0. It has been classified as problematic. This affects an unknown part of the file public/install.php of the component HTTP GET Request Handler. The manipulation leads to improper access controls. It is possible to initiate the attack remotely...

7.5CVSS6.2AI score0.02211EPSS
Exploits0References3
OSV
OSV
added 2024/01/11 5:15 p.m.4 views

CVE-2024-0411

A vulnerability was found in DeShang DSMall up to 6.1.0. It has been classified as problematic. This affects an unknown part of the file public/install.php of the component HTTP GET Request Handler. The manipulation leads to improper access controls. It is possible to initiate the attack remotely...

7.5CVSS4.8AI score0.02211EPSS
Exploits0References3
Prion
Prion
added 2024/01/11 5:15 p.m.20 views

Improper access control

A vulnerability was found in DeShang DSMall up to 6.1.0. It has been classified as problematic. This affects an unknown part of the file public/install.php of the component HTTP GET Request Handler. The manipulation leads to improper access controls. It is possible to initiate the attack remotely...

5CVSS7.2AI score0.02211EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2024/01/11 4:31 p.m.25 views

CVE-2024-0411 DeShang DSMall HTTP GET Request install.php access control

A vulnerability was found in DeShang DSMall up to 6.1.0. It has been classified as problematic. This affects an unknown part of the file public/install.php of the component HTTP GET Request Handler. The manipulation leads to improper access controls. It is possible to initiate the attack remotely...

5.3CVSS7.8AI score0.02211EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2024/01/11 4:31 p.m.5 views

CVE-2024-0411 DeShang DSMall HTTP GET Request install.php access control

A vulnerability was found in DeShang DSMall up to 6.1.0. It has been classified as problematic. This affects an unknown part of the file public/install.php of the component HTTP GET Request Handler. The manipulation leads to improper access controls. It is possible to initiate the attack remotely...

5.3CVSS7.7AI score0.02211EPSS
Exploits0References3
CVE
CVE
added 2024/01/11 4:31 p.m.57 views

CVE-2024-0411

The CVE-2024-0411 entry concerns DeShang DSMall up to version 6.1.0, affecting the file public/install.php within the HTTP GET Request Handler. The vulnerability enables improper access controls and can be triggered remotely. The exploit has been disclosed publicly. Connected documents corroborat...

7.5CVSS7.6AI score0.02211EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2024/01/11 12:0 a.m.8 views

PT-2024-15538 · Deshang · Deshang Dsmall

Name of the Vulnerable Software and Affected Versions: DeShang DSMall versions up to 6.1.0 Description: A critical vulnerability was found in DeShang DSMall, affecting an unknown functionality of the file application/home/controller/TaobaoExport.php of the component Image URL Handler. This...

9.8CVSS6.5AI score0.00557EPSS
Exploits0References8
CNNVD
CNNVD
added 2024/01/11 12:0 a.m.5 views

DeShang DSMall Access Control Error Vulnerability

DeShang DSMall is a multi-user mall system from DeShang, China. An Access Control Error vulnerability exists in DeShang DSMall prior to version 6.1.0, which stems from the file public/install.php of the component HTTP GET Request Handler that results in incorrect access control...

7.5CVSS6.8AI score0.02211EPSS
Exploits0References4
CNNVD
CNNVD
added 2024/01/11 12:0 a.m.5 views

DeShang DSMall Security Breach

DeShang DSMall is a multi-user mall system from DeShang, China. A security vulnerability exists in DeShang DSMall prior to version 5.0.3, which is caused by path traversal due to the operation of the parameter filename in the file application/home/controller/MemberAuth.php...

9.8CVSS6.7AI score0.0094EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2024/01/11 12:0 a.m.5 views

PT-2024-15534 · Deshang · Deshang Dsmall

Name of the Vulnerable Software and Affected Versions: DeShang DSMall versions up to 6.1.0 Description: A vulnerability was found in DeShang DSMall, affecting an unknown part of the file public/install.php of the component HTTP GET Request Handler. The manipulation leads to improper access...

7.5CVSS5.7AI score0.02211EPSS
Exploits0References9
CNNVD
CNNVD
added 2024/01/11 12:0 a.m.4 views

DeShang DSMall Access Control Error Vulnerability

DeShang DSMall is a multi-user mall system from DeShang, China. An Access Control Error vulnerability exists in DeShang DSMall prior to version 6.1.0, which stems from the file application/home/controller/TaobaoExport.php of the component Image URL Handler that causes incorrect access control...

9.8CVSS6.7AI score0.00557EPSS
Exploits0References4
CNVD
CNVD
added 2021/07/14 12:0 a.m.8 views

Command Execution Vulnerability in Changsha Deshaun DSMall

DSMall is a simple and easy to operate, can help enterprises quickly build a comprehensive mall platform similar to Jingdong / Tmall system. A command execution vulnerability exists in Changsha Deshaun DSMall, which can be exploited by attackers to obtain sensitive information and execute malicio...

7AI score
Exploits0
CNVD
CNVD
added 2021/06/17 12:0 a.m.11 views

Command Execution Vulnerability in DSMall (CNVD-2021-45210)

DSMall is a simple and easy to operate, can help enterprises quickly build similar to the Jingdong / Tmall integrated mall platform system. DSMall has a command execution vulnerability that can be exploited by attackers to gain control of the server...

7.7AI score
Exploits0
CNVD
CNVD
added 2020/04/03 12:0 a.m.1 views

Command Execution Vulnerability in DSMall (CNVD-2020-25887)

DSMall is a complete B2B2C multi-store mall solution. DSMall suffers from a command execution vulnerability that can be exploited by attackers to execute malicious code...

7.5AI score
Exploits0
CNVD
CNVD
added 2020/04/02 12:0 a.m.1 views

SQL Injection Vulnerability in DSMall (CNVD-2020-27267)

DSMall is a simple and easy to operate, can help enterprises quickly build a comprehensive mall platform similar to Jingdong / Tmall system. DSMall suffers from a SQL injection vulnerability, which can be exploited by attackers to obtain database information...

7.9AI score
Exploits0
Rows per page
Query Builder