82 matches found
CVE-2024-0416 DeShang DSMall MemberAuth.php path traversal
A vulnerability, which was classified as critical, has been found in DeShang DSMall up to 5.0.3. Affected by this issue is some unknown functionality of the file application/home/controller/MemberAuth.php. The manipulation of the argument filename leads to path traversal: '../filedir'. The attack...
CVE-2024-0416
The CVE-2024-0416 entry concerns DeShang DSMall (up to v5.0.3). The vulnerability lies in file application/home/controller/MemberAuth.php, where manipulating the file_name argument triggers a path traversal (../filedir). This is a remote issue and the exploit has public disclosure. Impact is tied...
CVE-2024-0415 DeShang DSMall Image URL TaobaoExport.php access control
A vulnerability classified as critical was found in DeShang DSMall up to 6.1.0. Affected by this vulnerability is an unknown functionality of the file application/home/controller/TaobaoExport.php of the component Image URL Handler. The manipulation leads to improper access controls. The attack ca...
CVE-2024-0415 DeShang DSMall Image URL TaobaoExport.php access control
A vulnerability classified as critical was found in DeShang DSMall up to 6.1.0. Affected by this vulnerability is an unknown functionality of the file application/home/controller/TaobaoExport.php of the component Image URL Handler. The manipulation leads to improper access controls. The attack ca...
CVE-2024-0415
CVE-2024-0415 affects DeShang DSMall up to version 6.1.0, where an unknown functionality in Image URL Handler (file: application/home/controller/TaobaoExport.php) allows improper access control. The vulnerability can be exploited remotely and was disclosed publicly. Documented mitigation in PT-20...
CVE-2024-0411
A vulnerability was found in DeShang DSMall up to 6.1.0. It has been classified as problematic. This affects an unknown part of the file public/install.php of the component HTTP GET Request Handler. The manipulation leads to improper access controls. It is possible to initiate the attack remotely...
CVE-2024-0411
A vulnerability was found in DeShang DSMall up to 6.1.0. It has been classified as problematic. This affects an unknown part of the file public/install.php of the component HTTP GET Request Handler. The manipulation leads to improper access controls. It is possible to initiate the attack remotely...
Improper access control
A vulnerability was found in DeShang DSMall up to 6.1.0. It has been classified as problematic. This affects an unknown part of the file public/install.php of the component HTTP GET Request Handler. The manipulation leads to improper access controls. It is possible to initiate the attack remotely...
CVE-2024-0411 DeShang DSMall HTTP GET Request install.php access control
A vulnerability was found in DeShang DSMall up to 6.1.0. It has been classified as problematic. This affects an unknown part of the file public/install.php of the component HTTP GET Request Handler. The manipulation leads to improper access controls. It is possible to initiate the attack remotely...
CVE-2024-0411 DeShang DSMall HTTP GET Request install.php access control
A vulnerability was found in DeShang DSMall up to 6.1.0. It has been classified as problematic. This affects an unknown part of the file public/install.php of the component HTTP GET Request Handler. The manipulation leads to improper access controls. It is possible to initiate the attack remotely...
CVE-2024-0411
The CVE-2024-0411 entry concerns DeShang DSMall up to version 6.1.0, affecting the file public/install.php within the HTTP GET Request Handler. The vulnerability enables improper access controls and can be triggered remotely. The exploit has been disclosed publicly. Connected documents corroborat...
PT-2024-15538 · Deshang · Deshang Dsmall
Name of the Vulnerable Software and Affected Versions: DeShang DSMall versions up to 6.1.0 Description: A critical vulnerability was found in DeShang DSMall, affecting an unknown functionality of the file application/home/controller/TaobaoExport.php of the component Image URL Handler. This...
DeShang DSMall Access Control Error Vulnerability
DeShang DSMall is a multi-user mall system from DeShang, China. An Access Control Error vulnerability exists in DeShang DSMall prior to version 6.1.0, which stems from the file public/install.php of the component HTTP GET Request Handler that results in incorrect access control...
DeShang DSMall Security Breach
DeShang DSMall is a multi-user mall system from DeShang, China. A security vulnerability exists in DeShang DSMall prior to version 5.0.3, which is caused by path traversal due to the operation of the parameter filename in the file application/home/controller/MemberAuth.php...
PT-2024-15534 · Deshang · Deshang Dsmall
Name of the Vulnerable Software and Affected Versions: DeShang DSMall versions up to 6.1.0 Description: A vulnerability was found in DeShang DSMall, affecting an unknown part of the file public/install.php of the component HTTP GET Request Handler. The manipulation leads to improper access...
DeShang DSMall Access Control Error Vulnerability
DeShang DSMall is a multi-user mall system from DeShang, China. An Access Control Error vulnerability exists in DeShang DSMall prior to version 6.1.0, which stems from the file application/home/controller/TaobaoExport.php of the component Image URL Handler that causes incorrect access control...
Command Execution Vulnerability in Changsha Deshaun DSMall
DSMall is a simple and easy to operate, can help enterprises quickly build a comprehensive mall platform similar to Jingdong / Tmall system. A command execution vulnerability exists in Changsha Deshaun DSMall, which can be exploited by attackers to obtain sensitive information and execute malicio...
Command Execution Vulnerability in DSMall (CNVD-2021-45210)
DSMall is a simple and easy to operate, can help enterprises quickly build similar to the Jingdong / Tmall integrated mall platform system. DSMall has a command execution vulnerability that can be exploited by attackers to gain control of the server...
Command Execution Vulnerability in DSMall (CNVD-2020-25887)
DSMall is a complete B2B2C multi-store mall solution. DSMall suffers from a command execution vulnerability that can be exploited by attackers to execute malicious code...
SQL Injection Vulnerability in DSMall (CNVD-2020-27267)
DSMall is a simple and easy to operate, can help enterprises quickly build a comprehensive mall platform similar to Jingdong / Tmall system. DSMall suffers from a SQL injection vulnerability, which can be exploited by attackers to obtain database information...