Lucene search
K

82 matches found

CNVD
CNVD
added 2020/03/31 12:0 a.m.1 views

Command Execution Vulnerability in DSMall

DSMall is a comprehensive mall platform system. DSMall suffers from a command execution vulnerability that can be exploited by attackers to execute malicious code...

7.4AI score
Exploits0
CNVD
CNVD
added 2020/03/31 12:0 a.m.1 views

Command execution vulnerability exists in DSMall (CNVD-2020-24701)

DSMall is a comprehensive mall platform system. DSMall suffers from a command execution vulnerability that can be exploited by attackers to execute malicious code...

7.4AI score
Exploits0
CNVD
CNVD
added 2020/02/04 12:0 a.m.1 views

php deserialization vulnerability in dsmall v5.0.6 frontend

dsmall mall system is a complete set of B2B2C multi-store mall solution. The system uses the domestic excellent open source framework THinkPHP , H5 end using vue.js , front and back end separation , based on PHP MySQL development , using B/S architecture. dsmall v5.0.6 front-end php deserializati...

6.8AI score
Exploits0
CNVD
CNVD
added 2020/01/16 12:0 a.m.1 views

DSMall has a flawed logic vulnerability

DSMALL is a large B2B2C multi-user mall system , enterprise-class e-commerce mall system , code open source . DSMall there are logical flaws vulnerabilities , attackers can exploit the vulnerability to delete any account invoice information...

7AI score
Exploits0
CNVD
CNVD
added 2020/01/15 12:0 a.m.1 views

Logic flaw vulnerability in DSMall Me***.php file

DSMall mall system is a complete set of B2B2C multi-store mall solutions. A logic flaw vulnerability exists in the DSMall Me.php file. An attacker can exploit the vulnerability to perform unauthorized operations, including modifying the information of items posted by any account and modifying the...

6.6AI score
Exploits0
CNVD
CNVD
added 2018/12/11 12:0 a.m.2 views

DSMall open source multi-user mall system front-end command execution vulnerability

DSMall is an open source B2B2C e-commerce system created by Deshaun Networks. DSMall open source multi-user mall system in the foreground there is a command injection vulnerability . Attackers can use the vulnerability to obtain server privileges...

7.6AI score
Exploits0
NVD
NVD
added 2018/04/04 9:29 p.m.16 views

CVE-2018-9307

dsmall v20180320 allows XSS via the pdrsn parameter to public/index.php/home/predeposit/index.html...

6.1CVSS6AI score0.00707EPSS
Exploits1References1
OSV
OSV
added 2018/04/04 9:29 p.m.4 views

CVE-2018-9307

dsmall v20180320 allows XSS via the pdrsn parameter to public/index.php/home/predeposit/index.html...

6.1CVSS5.8AI score0.00707EPSS
Exploits1References1
Cvelist
Cvelist
added 2018/04/04 9:0 p.m.23 views

CVE-2018-9307

dsmall v20180320 allows XSS via the pdrsn parameter to public/index.php/home/predeposit/index.html...

6AI score0.00707EPSS
Exploits1References1
CVE
CVE
added 2018/04/04 9:0 p.m.40 views

CVE-2018-9307

The CVE concerns dsmall v20180320, where an XSS flaw exists via the pdr_sn parameter in public/index.php/home/predeposit/index.html. The underlying issue is not detailed beyond the XSS mechanism; no explicit root-cause, affected versions beyond v20180320, or patch/mitigation is provided in the do...

6.1CVSS5.9AI score0.00707EPSS
Exploits1References1Affected Software1
CNVD
CNVD
added 2018/03/26 12:0 a.m.4 views

dsmall Physical Path Disclosure Vulnerability

dsmall is a multi-user platform-level online shopping mall system. A security vulnerability exists in dsmall version 20180320. An attacker can exploit the vulnerability by sending public/index.php/home/predeposit/index.html?pdrsn=request to obtain a physical path...

7.5CVSS6.6AI score0.01152EPSS
Exploits0References1
CNVD
CNVD
added 2018/03/26 12:0 a.m.4 views

dsmall cross-site scripting vulnerability (CNVD-2018-07545)

dsmall is a multi-user platform-level online shopping mall system. A cross-site scripting vulnerability exists in dsmall version 20180320. A remote attacker can exploit this vulnerability by sending the 'pdrsn' parameter to the public/index.php/home/predeposit/index.html page to inject arbitrary...

5.4CVSS6.2AI score0.00556EPSS
Exploits1References1
CNVD
CNVD
added 2018/03/26 12:0 a.m.3 views

dsmall cross-site scripting vulnerability (CNVD-2018-07546)

dsmall is a multi-user platform-level online shopping mall system. A cross-site scripting vulnerability exists in dsmall version 20180320. A remote attacker can use the main page query box in the public/index.php/home URI to inject arbitrary HTML/JavaScript code to obtain sensitive information...

6.1CVSS6.5AI score0.00707EPSS
Exploits1References1
CNVD
CNVD
added 2018/03/26 12:0 a.m.3 views

dsmall cross-site scripting vulnerability (CNVD-2018-07558)

dsmall is a multi-user platform-level online shopping mall system. A cross-site scripting vulnerability exists in dsmall version 20180320. A remote attacker can inject arbitrary HTML/JavaScript code to obtain sensitive information via the member query box in the...

5.4CVSS6.5AI score0.00556EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2018/03/25 6:29 p.m.2 views

CVE-2018-9015

dsmall v20180320 allows XSS via the public/index.php/home/predeposit/index.html pdrsn parameter aka the CMS search box...

5.4CVSS5.3AI score0.00556EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2018/03/25 6:29 p.m.1 views

CVE-2018-9016

dsmall v20180320 allows XSS via the main page search box at the public/index.php/home URI...

6.1CVSS5.3AI score0.00707EPSS
Exploits1References2
Prion
Prion
added 2018/03/25 6:29 p.m.14 views

Design/Logic Flaw

dsmall v20180320 allows XSS via the main page search box at the public/index.php/home URI...

4.3CVSS6AI score0.00707EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2018/03/25 6:29 p.m.2 views

CVE-2018-9017

dsmall v20180320 allows XSS via the member search box at the public/index.php/home/membersnsfriend/findlist.html URI...

5.4CVSS5.8AI score0.00556EPSS
Exploits1References1
NVD
NVD
added 2018/03/25 6:29 p.m.19 views

CVE-2018-9016

dsmall v20180320 allows XSS via the main page search box at the public/index.php/home URI...

6.1CVSS6AI score0.00707EPSS
Exploits1References1
OSV
OSV
added 2018/03/25 6:29 p.m.3 views

CVE-2018-9014

dsmall v20180320 allows physical path leakage via a public/index.php/home/predeposit/index.html?pdrsn= request...

7.5CVSS5.8AI score0.01152EPSS
Exploits0References1
Rows per page
Query Builder