Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
dedecms dedecms vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2017-17730
DedeCMS up to and including 5.7 has SQL Injection via the logo parameter to plus/flink_add.php.
Dedecms Dedecms
9.8
CVSSv3
CVE-2017-17731
DedeCMS up to and including 5.7 has SQL Injection via the $_FILES superglobal to plus/recommend.php.
Dedecms Dedecms
7.5
CVSSv3
CVE-2023-30380
An issue in the component /dialog/select_media.php of DedeCMS v5.7.107 allows malicious users to execute a directory traversal.
Dedecms Dedecms 5.7.107
8.8
CVSSv3
CVE-2023-43275
Cross-Site Request Forgery (CSRF) vulnerability in DedeCMS v5.7 in 110 backend management interface via /catalog_add.php, allows malicious users to create crafted web pages due to a lack of verification of the token value of the submitted form.
Dedecms Dedecms 5.7
9.8
CVSSv3
CVE-2022-23337
DedeCMS v5.7.87 exists to contain a SQL injection vulnerability in article_coonepage_rule.php via the ids parameter.
Dedecms Dedecms 5.7.87
9.8
CVSSv3
CVE-2022-34531
DedeCMS v5.7.95 exists to contain a remote code execution (RCE) vulnerability via the component mytag_ main.php.
Dedecms Dedecms 5.7.95
8.8
CVSSv3
CVE-2024-22895
DedeCMS 5.7.112 has a File Upload vulnerability via uploads/dede/module_upload.php.
Dedecms Dedecms 5.7.112
5.4
CVSSv3
CVE-2022-48140
DedeCMS v5.7.97 exists to contain a cross-site scripting (XSS) vulnerability in the component /file_manage_view.php?fmdo=edit&filename.
Dedecms Dedecms 5.7.97
6.1
CVSSv3
CVE-2022-36583
DedeCMS V5.7.97 exists to contain multiple cross-site scripting (XSS) vulnerabilities at /dede/co_do.php via the dopost, rpok, and aid parameters.
Dedecms Dedecms 5.7.97
9.8
CVSSv3
CVE-2023-40784
DedeCMS 5.7.102 has a File Upload vulnerability via uploads/dede/module_make.php.
Dedecms Dedecms 5.7.102
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
path traversal
CVE-2024-33545
CVE-2024-35725
CVE-2024-32704
overflow
file upload
CVE-2024-0230
CVE-2024-32705
CVE-2024-23692
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »