Dsmall Security Vulnerabilities and Issues — Dsmall CVE List

Lucene search

Dsmall ProjectDsmall

6 matches found

CVE•added 2018/03/25 6:29 p.m.•34 views

CVE-2018-9017

dsmall v20180320 allows XSS via the member search box at the public/index.php/home/membersnsfriend/findlist.html URI.

5.4CVSS5.2AI score0.00206EPSS

CVE•added 2018/03/22 4:29 a.m.•32 views

CVE-2018-8906

dsmall v20180320 has XSS via a crafted street address to public/index.php/home/memberaddress/index.html, which is mishandled at public/index.php/home/memberaddress/edit/address_id/2.html.

6.1CVSS5.8AI score0.0024EPSS

CVE•added 2018/03/25 6:29 p.m.•30 views

CVE-2018-9015

dsmall v20180320 allows XSS via the public/index.php/home/predeposit/index.html pdr_sn parameter (aka the CMS search box).

5.4CVSS5.2AI score0.00206EPSS

CVE•added 2018/03/25 6:29 p.m.•28 views

CVE-2018-9016

dsmall v20180320 allows XSS via the main page search box at the public/index.php/home URI.

6.1CVSS6AI score0.0024EPSS

CVE•added 2018/03/25 6:29 p.m.•25 views

CVE-2018-9014

dsmall v20180320 allows physical path leakage via a public/index.php/home/predeposit/index.html?pdr_sn= request.

7.5CVSS7.3AI score0.00316EPSS

CVE•added 2018/04/04 9:29 p.m.•25 views

CVE-2018-9307

dsmall v20180320 allows XSS via the pdr_sn parameter to public/index.php/home/predeposit/index.html.

6.1CVSS5.9AI score0.0024EPSS