Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
dsmall vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2018-9307
dsmall v20180320 allows XSS via the pdr_sn parameter to public/index.php/home/predeposit/index.html.
Dsmall Project Dsmall 20180320
5.4
CVSSv3
CVE-2018-9015
dsmall v20180320 allows XSS via the public/index.php/home/predeposit/index.html pdr_sn parameter (aka the CMS search box).
Dsmall Project Dsmall 20180320
6.1
CVSSv3
CVE-2018-8906
dsmall v20180320 has XSS via a crafted street address to public/index.php/home/memberaddress/index.html, which is mishandled at public/index.php/home/memberaddress/edit/address_id/2.html.
Dsmall Project Dsmall 20180320
7.5
CVSSv3
CVE-2018-9014
dsmall v20180320 allows physical path leakage via a public/index.php/home/predeposit/index.html?pdr_sn= request.
Dsmall Project Dsmall 20180320
6.1
CVSSv3
CVE-2018-9016
dsmall v20180320 allows XSS via the main page search box at the public/index.php/home URI.
Dsmall Project Dsmall 20180320
5.4
CVSSv3
CVE-2018-9017
dsmall v20180320 allows XSS via the member search box at the public/index.php/home/membersnsfriend/findlist.html URI.
Dsmall Project Dsmall 20180320
7.5
CVSSv3
CVE-2024-0411
A vulnerability was found in DeShang DSMall up to 6.1.0. It has been classified as problematic. This affects an unknown part of the file public/install.php of the component HTTP GET Request Handler. The manipulation leads to improper access controls. It is possible to initiate th...
Csdeshang Dsmall
9.8
CVSSv3
CVE-2024-0415
A vulnerability classified as critical was found in DeShang DSMall up to 6.1.0. Affected by this vulnerability is an unknown functionality of the file application/home/controller/TaobaoExport.php of the component Image URL Handler. The manipulation leads to improper access contro...
Csdeshang Dsmall
9.8
CVSSv3
CVE-2024-0416
A vulnerability, which was classified as critical, has been found in DeShang DSMall up to 5.0.3. Affected by this issue is some unknown functionality of the file application/home/controller/MemberAuth.php. The manipulation of the argument file_name leads to path traversal: '...
Csdeshang Dsmall
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48700
CVE-2022-48689
CVE-2024-27956
CVE-2023-6363
SQL
NULL pointer dereference
CVE-2023-41830
CVE-2015-2051
arbitrary
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started