Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

duongancol — Vulnerabilities & Security Advisories 5

Browse all 5 CVE security advisories affecting duongancol. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Duongancol primarily serves as a Vietnamese e-commerce platform facilitating online transactions between buyers and sellers. Historically, the application has been susceptible to multiple remote code execution vulnerabilities, cross-site scripting flaws, and privilege escalation issues, as evidenced by its five recorded CVEs. These weaknesses often stem from insufficient input validation and improper access controls. While no major public security incidents have been widely documented, the consistent pattern of vulnerabilities suggests ongoing security challenges that could potentially lead to unauthorized access, data breaches, or complete system compromise if exploited.

Top products by duongancol: Boostify Header Footer Builder for Elementor Woostify
CVE IDTitleCVSSSeverityPublished
CVE-2026-4805 Woostify <= 2.5.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Lity.js Library via data-lity Attribute in Custom HTML Block — WoostifyCWE-79 6.4 Medium2026-04-28
CVE-2025-60101 WordPress Woostify Theme <= 2.4.2 - Cross Site Scripting (XSS) Vulnerability — WoostifyCWE-79 5.9 Medium2025-09-26
CVE-2024-10794 Boostify Header Footer Builder for Elementor <= 1.3.6 - Authenticated (Contributor+) Post Disclosure — Boostify Header Footer Builder for ElementorCWE-639 4.3 Medium2024-11-13
CVE-2024-4788 Boostify Header Footer Builder for Elementor <= 1.3.5 - Missing Authorization to Page/Post Creation — Boostify Header Footer Builder for ElementorCWE-862 4.3 Medium2024-06-06
CVE-2024-5006 Boostify Header Footer Builder for Elementor <= 1.3.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via size Parameter — Boostify Header Footer Builder for ElementorCWE-79 6.4 Medium2024-06-05

This page lists every published CVE security advisory associated with duongancol. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.