Skip to main content

Dscms

3 CVEs product

Monthly

CVE-2024-0414 MEDIUM This Month

A vulnerability classified as problematic has been found in DeShang DSCMS up to 3.1.2/7.1. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass PHP Dscms
NVD VulDB
CVSS 3.1
5.3
EPSS
0.3%
CVE-2022-28114 CRITICAL POC Act Now

DSCMS v3.0 was discovered to contain an arbitrary file deletion vulnerability via /controller/Adv.php. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP Information Disclosure Dscms
NVD
CVSS 3.1
9.1
EPSS
1.0%
CVE-2018-18317 HIGH POC This Week

DESHANG DSCMS 1.1 has CSRF via the public/index.php/admin/admin/add.html URI. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF PHP Dscms
NVD GitHub
CVSS 3.0
8.8
EPSS
0.5%
EPSS 0% CVSS 5.3
MEDIUM This Month

A vulnerability classified as problematic has been found in DeShang DSCMS up to 3.1.2/7.1. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass PHP Dscms
NVD VulDB
EPSS 1% CVSS 9.1
CRITICAL POC Act Now

DSCMS v3.0 was discovered to contain an arbitrary file deletion vulnerability via /controller/Adv.php. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP Information Disclosure Dscms
NVD
EPSS 0% CVSS 8.8
HIGH POC This Week

DESHANG DSCMS 1.1 has CSRF via the public/index.php/admin/admin/add.html URI. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF PHP Dscms
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy