Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
dedecms vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2017-17730
DedeCMS up to and including 5.7 has SQL Injection via the logo parameter to plus/flink_add.php.
Dedecms Dedecms
8.8
CVSSv3
CVE-2023-2928
A vulnerability was found in DedeCMS up to 5.7.106. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file uploads/dede/article_allowurl_edit.php. The manipulation of the argument allurls leads to code injection. The attack can be...
Dedecms Dedecms
7.2
CVSSv3
CVE-2023-27707
SQL injection vulnerability found in DedeCMS v.5.7.106 allows a remote malicious user to execute arbitrary code via the rank_* parameter in the /dede/group_store.php endpoint.
Dedecms Dedecms
9.8
CVSSv3
CVE-2022-35516
DedeCMS v5.7.93 - v5.7.96 exists to contain a remote code execution vulnerability in login.php.
Dedecms Dedecms
9.8
CVSSv3
CVE-2017-17731
DedeCMS up to and including 5.7 has SQL Injection via the $_FILES superglobal to plus/recommend.php.
Dedecms Dedecms
5.4
CVSSv3
CVE-2023-40876
DedeCMS up to and including 5.7.110 exists to contain a cross-site scripting (XSS) vulnerability at /dede/freelist_add.php via the title parameter.
Dedecms Dedecms
5.4
CVSSv3
CVE-2023-40877
DedeCMS up to and including 5.7.110 exists to contain a cross-site scripting (XSS) vulnerability at /dede/freelist_edit.php via the title parameter.
Dedecms Dedecms
9.8
CVSSv3
CVE-2022-46442
dedecms <=V5.7.102 is vulnerable to SQL Injection. In sys_ sql_ n query.php there are no restrictions on the sql query.
Dedecms Dedecms
8.8
CVSSv3
CVE-2023-43226
An arbitrary file upload vulnerability in dede/baidunews.php in DedeCMS 5.7.111 and previous versions allows malicious users to execute arbitrary code via uploading a crafted PHP file.
Dedecms Dedecms
5.4
CVSSv3
CVE-2023-40874
DedeCMS up to and including 5.7.110 exists to contain multiple cross-site scripting (XSS) vulnerabilities at /dede/vote_add.php via the votename and voteitem1 parameters.
Dedecms Dedecms
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
TCP
CVE-2024-4577
CVE-2024-2695
CVE-2024-31870
injection
CVE-2024-3813
arbitrary code
CVE-2024-27801
CVE-2024-30120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »