Dst Admin Project
Products
1- 7 CVEs
Recent CVEs
7| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-2956 | Med | 0.41 | 6.3 | 0.06 | Feb 22, 2026 | A security flaw has been discovered in qinming99 dst-admin up to 1.5.0. This affects the function revertBackup of the file /home/restore. The manipulation of the argument Name results in command injection. The attack can be launched remotely. The exploit has been released to the… | ||
| CVE-2026-2957 | Med | 0.35 | 5.4 | 0.00 | Feb 22, 2026 | A weakness has been identified in qinming99 dst-admin up to 1.5.0. This impacts the function deleteBackup of the file src/main/java/com/tugos/dst/admin/controller/BackupController.java of the component File Handler. This manipulation causes denial of service. The attack may be… | ||
| CVE-2023-0648 | 0.01 | — | 0.03 | Feb 2, 2023 | A vulnerability, which was classified as critical, was found in dst-admin 1.5.0. This affects an unknown part of the file /home/masterConsole. The manipulation of the argument command leads to command injection. It is possible to initiate the attack remotely. The exploit has… | |||
| CVE-2023-0646 | 0.01 | — | 0.03 | Feb 2, 2023 | A vulnerability classified as critical was found in dst-admin 1.5.0. Affected by this vulnerability is an unknown functionality of the file /home/cavesConsole. The manipulation of the argument command leads to command injection. The attack can be launched remotely. The exploit… | |||
| CVE-2023-43270 | 0.00 | — | 0.01 | Sep 22, 2023 | dst-admin v1.5.0 was discovered to contain a remote command execution (RCE) vulnerability via the userId parameter at /home/playerOperate. | |||
| CVE-2023-0647 | 0.00 | — | 0.03 | Feb 2, 2023 | A vulnerability, which was classified as critical, has been found in dst-admin 1.5.0. Affected by this issue is some unknown functionality of the file /home/kickPlayer. The manipulation of the argument userId leads to command injection. The attack may be launched remotely. The… | |||
| CVE-2021-44586 | 0.00 | — | 0.01 | Jan 10, 2022 | An issue was discovered in dst-admin v1.3.0. The product has an unauthorized arbitrary file download vulnerability that can expose sensitive information. |
- risk 0.41cvss 6.3epss 0.06
A security flaw has been discovered in qinming99 dst-admin up to 1.5.0. This affects the function revertBackup of the file /home/restore. The manipulation of the argument Name results in command injection. The attack can be launched remotely. The exploit has been released to the…
- risk 0.35cvss 5.4epss 0.00
A weakness has been identified in qinming99 dst-admin up to 1.5.0. This impacts the function deleteBackup of the file src/main/java/com/tugos/dst/admin/controller/BackupController.java of the component File Handler. This manipulation causes denial of service. The attack may be…
- CVE-2023-0648Feb 2, 2023risk 0.01cvss —epss 0.03
A vulnerability, which was classified as critical, was found in dst-admin 1.5.0. This affects an unknown part of the file /home/masterConsole. The manipulation of the argument command leads to command injection. It is possible to initiate the attack remotely. The exploit has…
- CVE-2023-0646Feb 2, 2023risk 0.01cvss —epss 0.03
A vulnerability classified as critical was found in dst-admin 1.5.0. Affected by this vulnerability is an unknown functionality of the file /home/cavesConsole. The manipulation of the argument command leads to command injection. The attack can be launched remotely. The exploit…
- CVE-2023-43270Sep 22, 2023risk 0.00cvss —epss 0.01
dst-admin v1.5.0 was discovered to contain a remote command execution (RCE) vulnerability via the userId parameter at /home/playerOperate.
- CVE-2023-0647Feb 2, 2023risk 0.00cvss —epss 0.03
A vulnerability, which was classified as critical, has been found in dst-admin 1.5.0. Affected by this issue is some unknown functionality of the file /home/kickPlayer. The manipulation of the argument userId leads to command injection. The attack may be launched remotely. The…
- CVE-2021-44586Jan 10, 2022risk 0.00cvss —epss 0.01
An issue was discovered in dst-admin v1.3.0. The product has an unauthorized arbitrary file download vulnerability that can expose sensitive information.