Total
6 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2018-9016 | 1 Dsmall Project | 1 Dsmall | 2024-02-28 | 4.3 MEDIUM | 6.1 MEDIUM |
dsmall v20180320 allows XSS via the main page search box at the public/index.php/home URI. | |||||
CVE-2018-9015 | 1 Dsmall Project | 1 Dsmall | 2024-02-28 | 3.5 LOW | 5.4 MEDIUM |
dsmall v20180320 allows XSS via the public/index.php/home/predeposit/index.html pdr_sn parameter (aka the CMS search box). | |||||
CVE-2018-8906 | 1 Dsmall Project | 1 Dsmall | 2024-02-28 | 4.3 MEDIUM | 6.1 MEDIUM |
dsmall v20180320 has XSS via a crafted street address to public/index.php/home/memberaddress/index.html, which is mishandled at public/index.php/home/memberaddress/edit/address_id/2.html. | |||||
CVE-2018-9307 | 1 Dsmall Project | 1 Dsmall | 2024-02-28 | 4.3 MEDIUM | 6.1 MEDIUM |
dsmall v20180320 allows XSS via the pdr_sn parameter to public/index.php/home/predeposit/index.html. | |||||
CVE-2018-9014 | 1 Dsmall Project | 1 Dsmall | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
dsmall v20180320 allows physical path leakage via a public/index.php/home/predeposit/index.html?pdr_sn= request. | |||||
CVE-2018-9017 | 1 Dsmall Project | 1 Dsmall | 2024-02-28 | 3.5 LOW | 5.4 MEDIUM |
dsmall v20180320 allows XSS via the member search box at the public/index.php/home/membersnsfriend/findlist.html URI. |