Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
DeShang DSShop MemberAuth.php path traversal
Vulnerability Description
A vulnerability, which was classified as critical, was found in DeShang DSShop up to 2.1.5. This affects an unknown part of the file application/home/controller/MemberAuth.php. The manipulation of the argument member_info leads to path traversal: '../filedir'. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-250437 was assigned to this vulnerability.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
Vulnerability Type
路径遍历:’../filedir’
Vulnerability Title
DeShang DSShop 安全漏洞
Vulnerability Description
DeShang DSShop是中国德尚(DeShang)公司的一款单店铺移动商城网店系统。 DeShang DSShop 2.1.5 版本之前存在安全漏洞,该漏洞源于文件 application/home/controller/MemberAuth.php 对参数 member_info 的操作导致路径遍历。
CVSS Information
N/A
Vulnerability Type
N/A