DeShang DSO2O install.php access control

A vulnerability was found in DeShang DSO2O up to 4.1.0. It has been classified as critical. This affects an unknown part of the file /install/install.php. The manipulation leads to improper access controls. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-250125 was assigned to this vulnerability.

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

访问控制不恰当

DeShang DSO2O 访问控制错误漏洞

DeShang DSO2O是中国德尚（DeShang）公司的一个新零售电商系统。 DeShang DSO2O 4.1.0 及之前版本存在访问控制错误漏洞，该漏洞源于/install/install.php 中存在未知部分，导致不正确的访问控制。

N/A

N/A