NuytsTech Security

CVE-2024-0414

by ·

A vulnerability classified as problematic has been found in DeShang DSCMS up to 3.1.2/7.1. Affected is an unknown function of the file public/install.php. The manipulation leads to improper access controls. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-250434 is the identifier assigned to this vulnerability.

More information : https://note.zhaoj.in/share/xYQMsARg83ui

Attack vector : NETWORK
Attack complexity : LOW
Privileges required : NONE
User interaction : NONE
Confidentiality impact : HIGH
Integrity impact : HIGH
Base score : 9.8
Base severity : CRITICAL
Exploitability score : 3.9
Impact score : 5.9

Tags: