MidnightBSD

Advisories for destoon

CVE-2018-18430 LOW

An issue was discovered in DESTOON B2B 7.0. admin\setting.inc.php has XSS via the first text box to the admin.php URI.

CVSS 2.0

Severity: LOW

Problem Type: CWE-79,

Products Affected

Vendor Product Version
destoon destoon_b2b 7.0
CVE-2018-18431 LOW

An issue was discovered in DESTOON B2B 7.0. XSS exists via certain text boxes to the admin.php?moduleid=2&action=add URI.

CVSS 2.0

Severity: LOW

Problem Type: CWE-79,

Products Affected

Vendor Product Version
destoon destoon_b2b 7.0
CVE-2018-18432 MEDIUM

An issue was discovered in DESTOON B2B 7.0. CSRF exists via the admin.php URI in an action=add request.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-352,

Products Affected

Vendor Product Version
destoon destoon_b2b 7.0
CVE-2018-18433 LOW

An issue was discovered in DESTOON B2B 7.0. admin/category.inc.php has XSS via the category[catname] parameter to the admin.php URI.

CVSS 2.0

Severity: LOW

Problem Type: CWE-79,

Products Affected

Vendor Product Version
destoon destoon_b2b 7.0