PT-2024-15534 · Deshang · Deshang Dsmall

Glzjin · Published 2024-01-11 · Updated 2025-02-05 · CVE-2024-0411

CVSS v3.1: 7.5 High
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions

DeShang DSMall versions up to 6.1.0

Description

A vulnerability was found in DeShang DSMall, affecting an unknown part of the file public/install.php of the component HTTP GET Request Handler. The manipulation leads to improper access controls. It is possible to initiate the attack remotely.

Recommendations

For DeShang DSMall versions up to 6.1.0, consider restricting access to the public/install.php file until a patch is available. As a temporary workaround, review and limit the use of the HTTP GET Request Handler component to minimize the risk of exploitation.

Weakness Enumeration

Improper Access Control

Related Identifiers

CVE-2024-0411

Affected Products

Deshang Dsmall