Browse all 4 CVE security advisories affecting donglight. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Donglight is a network monitoring tool primarily used for traffic analysis and security auditing. Historically, it has been associated with vulnerabilities including remote code execution, cross-site scripting, and privilege escalation, with four CVEs documented. The application's complex architecture and extensive API surface have contributed to these security issues. While no major public incidents have been widely reported, the consistent pattern of vulnerabilities in network-facing components suggests potential risks for organizations deploying it in sensitive environments. Users should ensure timely patching and implement network segmentation to mitigate exposure to potential exploits.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-13210 | donglight bookstore电商书城系统说明 AdminBookController.java uploadPicture unrestricted upload — bookstore电商书城系统说明, CWE-434 | 4.7 | Medium | 2025-01-09 |
| CVE-2024-13197 | donglight bookstore电商书城系统说明 AdminUserControlle.java updateUser cross site scripting — bookstore电商书城系统说明, CWE-79 | 3.5 | Low | 2025-01-09 |
| CVE-2024-13196 | donglight bookstore电商书城系统说明 BookInfoController.java BookSearchList cross site scripting — bookstore电商书城系统说明, CWE-79 | 3.5 | Low | 2025-01-09 |
| CVE-2024-13195 | donglight bookstore电商书城系统说明 HttpUtil.java getHtml server-side request forgery — bookstore电商书城系统说明, CWE-918 | 6.3 | Medium | 2025-01-08 |

This page lists every published CVE security advisory associated with donglight. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.