1593 matches found
CVE-2024-0411
A vulnerability was found in DeShang DSMall up to 6.1.0. It has been classified as problematic. This affects an unknown part of the file public/install.php of the component HTTP GET Request Handler. The manipulation leads to improper access controls. It is possible to initiate the attack remotely...
CVE-2024-0411
A vulnerability was found in DeShang DSMall up to 6.1.0. It has been classified as problematic. This affects an unknown part of the file public/install.php of the component HTTP GET Request Handler. The manipulation leads to improper access controls. It is possible to initiate the attack remotely...
CVE-2024-0412
A vulnerability was found in DeShang DSShop up to 3.1.0. It has been declared as problematic. This vulnerability affects unknown code of the file public/install.php of the component HTTP GET Request Handler. The manipulation leads to improper access controls. The attack can be initiated remotely...
Improper access control
A vulnerability was found in DeShang DSShop up to 3.1.0. It has been declared as problematic. This vulnerability affects unknown code of the file public/install.php of the component HTTP GET Request Handler. The manipulation leads to improper access controls. The attack can be initiated remotely...
Improper access control
A vulnerability was found in DeShang DSMall up to 6.1.0. It has been classified as problematic. This affects an unknown part of the file public/install.php of the component HTTP GET Request Handler. The manipulation leads to improper access controls. It is possible to initiate the attack remotely...
CVE-2024-0412
Affected software: DeShang DSShop up to 3.1.0. Vulnerable component/file: HTTP GET Request Handler, public/install.php. Root cause: improper access controls. Impact: allows remote initiation of exploitation; exploit has been disclosed publicly. Current exploit reliability/availability not quantif...
File Sharing Wizard security vulnerability
File Sharing Wizard is a file sharing and transfer software package. A security vulnerability exists in File Sharing Wizard version 1.5.0, which is a denial of service due to unknown code in the component HTTP POST Request Handler...
DeShang DSShop Access Control Error Vulnerability
DeShang DSShop is a single-store mobile mall online store system from DeShang, China. The access control error vulnerability exists in DeShang DSShop prior to version 3.1.0. The vulnerability stems from the file public/install.php of the component HTTP GET Request Handler, which results in...
DeShang DSMall Access Control Error Vulnerability
DeShang DSMall is a multi-user mall system from DeShang, China. An Access Control Error vulnerability exists in DeShang DSMall prior to version 6.1.0, which stems from the file public/install.php of the component HTTP GET Request Handler that results in incorrect access control...
PT-2024-15534 · Deshang · Deshang Dsmall
Name of the Vulnerable Software and Affected Versions: DeShang DSMall versions up to 6.1.0 Description: A vulnerability was found in DeShang DSMall, affecting an unknown part of the file public/install.php of the component HTTP GET Request Handler. The manipulation leads to improper access...
File Sharing Wizard security vulnerability
File Sharing Wizard is a file sharing and transfer software package. A security vulnerability exists in File Sharing Wizard version 1.5.0, which results in a denial of service due to unknown code in the component GET Request Handler...
CVE-2024-0357
A vulnerability was found in coderd-repos Eva 1.0.0 and classified as critical. Affected by this issue is some unknown functionality of the file /system/traceLog/page of the component HTTP POST Request Handler. The manipulation of the argument property leads to sql injection. The exploit has been...
Sql injection
A vulnerability was found in coderd-repos Eva 1.0.0 and classified as critical. Affected by this issue is some unknown functionality of the file /system/traceLog/page of the component HTTP POST Request Handler. The manipulation of the argument property leads to sql injection. The exploit has been...
CVE-2024-0357
CVE-2024-0357 affects Eva 1.0.0 (coderd-repos). The vulnerability lies in the HTTP POST Request Handler for /system/traceLog/page, where manipulation of an argument property enables SQL injection. Multiple sources (NVD, Red Hat, CVE lists, vulnerability databases) classify the issue as critical w...
CVE-2024-0352
A vulnerability classified as critical was found in Likeshop up to 2.5.7.20210311. This vulnerability affects the function FileServer::userFormImage of the file server/application/api/controller/File.php of the component HTTP POST Request Handler. The manipulation of the argument file leads to...
Out-of-bounds
A vulnerability classified as critical was found in Likeshop up to 2.5.7.20210311. This vulnerability affects the function FileServer::userFormImage of the file server/application/api/controller/File.php of the component HTTP POST Request Handler. The manipulation of the argument file leads to...
CVE-2024-0352
CVE-2024-0352 affects Likeshop up to 2.5.7.20210311. The vulnerability is in FileServer::userFormImage (file server/application/api/controller/File.php) where manipulating the file argument leads to unrestricted file upload. Impact scope includes remote execution potential with impact to confiden...
CVE-2024-0352 Likeshop HTTP POST Request File.php userFormImage unrestricted upload
A vulnerability classified as critical was found in Likeshop up to 2.5.7.20210311. This vulnerability affects the function FileServer::userFormImage of the file server/application/api/controller/File.php of the component HTTP POST Request Handler. The manipulation of the argument file leads to...
CVE-2024-0341
A vulnerability was found in Inis up to 2.0.1. It has been rated as problematic. This issue affects some unknown processing of the file /app/api/controller/default/File.php of the component GET Request Handler. The manipulation of the argument path leads to path traversal: '../filedir'. The explo...
CVE-2024-0341
A vulnerability was found in Inis up to 2.0.1. It has been rated as problematic. This issue affects some unknown processing of the file /app/api/controller/default/File.php of the component GET Request Handler. The manipulation of the argument path leads to path traversal: '../filedir'. The explo...