dsmall cross-site scripting vulnerability (CNVD-2018-07546)
dsmall is a multi-user platform-level online shopping mall system. A cross-site scripting vulnerability exists in dsmall version 20180320. A remote attacker can use the main page query box in the public/index.php/home URI to inject arbitrary HTML/JavaScript code to obtain sensitive information...