Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
dedecms dedecms vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2009-3806
SQL injection vulnerability in feedback_js.php in DedeCMS 5.1 allows remote malicious users to execute arbitrary SQL commands via the arcurl parameter.
Dedecms Dedecms 5.1
1 EDB exploit
6.1
CVSSv3
CVE-2023-49492
DedeCMS v5.7.111 exists to contain a reflective cross-site scripting (XSS) vulnerability via the imgstick parameter at selectimages.php.
Dedecms Dedecms 5.7.111
6.1
CVSSv3
CVE-2023-49493
DedeCMS v5.7.111 exists to contain a reflective cross-site scripting (XSS) vulnerability via the v parameter at selectimages.php.
Dedecms Dedecms 5.7.111
6.1
CVSSv3
CVE-2023-49494
DedeCMS v5.7.111 exists to contain a reflective cross-site scripting (XSS) vulnerability via the component select_media_post_wangEditor.php.
Dedecms Dedecms 5.7.111
8.8
CVSSv3
CVE-2019-8933
In DedeCMS 5.7SP2, attackers can upload a .php file to the uploads/ directory (without being blocked by the Web Application Firewall), and then execute this file, via this sequence of steps: visiting the management page, clicking on the template, clicking on Default Template Mana...
Dedecms Dedecms 5.7
9.8
CVSSv3
CVE-2022-34531
DedeCMS v5.7.95 exists to contain a remote code execution (RCE) vulnerability via the component mytag_ main.php.
Dedecms Dedecms 5.7.95
7.5
CVSSv3
CVE-2023-30380
An issue in the component /dialog/select_media.php of DedeCMS v5.7.107 allows malicious users to execute a directory traversal.
Dedecms Dedecms 5.7.107
9.8
CVSSv3
CVE-2023-40784
DedeCMS 5.7.102 has a File Upload vulnerability via uploads/dede/module_make.php.
Dedecms Dedecms 5.7.102
8.8
CVSSv3
CVE-2018-20129
An issue exists in DedeCMS V5.7 SP2. uploads/include/dialog/select_images_post.php allows remote malicious users to upload and execute arbitrary PHP code via a double extension and a modified ".php" substring, in conjunction with the image/jpeg content type, as demonstr...
Dedecms Dedecms 5.7
5.4
CVSSv3
CVE-2023-48068
DedeCMS v6.2 exists to contain a Cross-site Scripting (XSS) vulnerability via spec_add.php.
Dedecms Dedecms 6.2
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSRF
CVE-2023-52162
CVE-2024-23670
CVE-2024-5404
man-in-the-middle
CVE-2024-5214
CVE-2024-4358
CVE-2024-20696
hard-coded
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »