CVE-2024-0415

Name of the Vulnerable Software and Affected Versions DeShang DSMall versions up to 6.1.0

Description A critical vulnerability was found in DeShang DSMall, affecting an unknown functionality of the file application/home/controller/TaobaoExport.php of the component Image URL Handler. This vulnerability leads to improper access controls and can be exploited remotely. The exploit has been disclosed to the public.

Recommendations For DeShang DSMall versions up to 6.1.0, consider disabling the vulnerable functionality in the file application/home/controller/TaobaoExport.php as a temporary workaround until a patch is available. Restrict access to the Image URL Handler component to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.