2 matches found
CVE-2022-28114
CVE-2022-28114 affects DSCMS v3.0, where an arbitrary file deletion vulnerability is triggered via the endpoint /controller/Adv.php. The available connected sources confirm the issue exists in DSCMS v3.0 and describe the impact as arbitrary file deletion. No specific exploit details, affected fil...
CVE-2018-18317
DESHANG DSCMS 1.1 contains a cross-site request forgery (CSRF) vulnerability exposed via the public/index.php/admin/admin/add.html URI. A remote attacker can perform unauthorized operations through this endpoint. The CVE CVE-2018-18317 is documented in NVD with CVSSv2 base score 6.8 (Partial conf...