Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
dedecms dedecms vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2017-17730
DedeCMS up to and including 5.7 has SQL Injection via the logo parameter to plus/flink_add.php.
Dedecms Dedecms
7.5
CVSSv2
CVE-2017-17731
DedeCMS up to and including 5.7 has SQL Injection via the $_FILES superglobal to plus/recommend.php.
Dedecms Dedecms
NA
CVE-2023-31757
DedeCMS up to v5.7.108 is vulnerable to XSS in sys_info.php via parameters 'edit___cfg_powerby' and 'edit___cfg_beian'
Dedecms Dedecms 5.7.108
NA
CVE-2023-30380
An issue in the component /dialog/select_media.php of DedeCMS v5.7.107 allows malicious users to execute a directory traversal.
Dedecms Dedecms 5.7.107
NA
CVE-2023-2424
A vulnerability was found in DedeCMS 5.7.106 and classified as critical. Affected by this issue is the function UpDateMemberModCache of the file uploads/dede/config.php. The manipulation leads to unrestricted upload. The attack may be launched remotely. The exploit has been discl...
Dedecms Dedecms 5.7.106
7.5
CVSSv2
CVE-2022-23337
DedeCMS v5.7.87 exists to contain a SQL injection vulnerability in article_coonepage_rule.php via the ids parameter.
Dedecms Dedecms 5.7.87
NA
CVE-2022-34531
DedeCMS v5.7.95 exists to contain a remote code execution (RCE) vulnerability via the component mytag_ main.php.
Dedecms Dedecms 5.7.95
NA
CVE-2023-4747
A vulnerability classified as critical was found in DedeCMS 5.7.110. This vulnerability affects unknown code of the file /uploads/tags.php. The manipulation of the argument tag_alias leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to t...
Dedecms Dedecms 5.7.110
NA
CVE-2024-22895
DedeCMS 5.7.112 has a File Upload vulnerability via uploads/dede/module_upload.php.
Dedecms Dedecms 5.7.112
NA
CVE-2023-2059
A vulnerability was found in DedeCMS 5.7.87. It has been rated as problematic. Affected by this issue is some unknown functionality of the file uploads/include/dialog/select_templets.php. The manipulation leads to path traversal: '..\filedir'. The attack may be launched...
Dedecms Dedecms 5.7.87
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5324
path traversal
CVE-2024-4743
CVE-2024-5184
TCP
CVE-2024-27822
code injection
CVE-2024-28995
CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »