3 matches found
CVE-2024-0416
The CVE-2024-0416 entry concerns DeShang DSMall (up to v5.0.3). The vulnerability lies in file application/home/controller/MemberAuth.php, where manipulating the file_name argument triggers a path traversal (../filedir). This is a remote issue and the exploit has public disclosure. Impact is tied...
CVE-2024-0411
The CVE-2024-0411 entry concerns DeShang DSMall up to version 6.1.0, affecting the file public/install.php within the HTTP GET Request Handler. The vulnerability enables improper access controls and can be triggered remotely. The exploit has been disclosed publicly. Connected documents corroborat...
CVE-2024-0415
CVE-2024-0415 affects DeShang DSMall up to version 6.1.0, where an unknown functionality in Image URL Handler (file: application/home/controller/TaobaoExport.php) allows improper access control. The vulnerability can be exploited remotely and was disclosed publicly. Documented mitigation in PT-20...