Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
dedecms vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-5301
A vulnerability classified as critical was found in DedeCMS 5.7.111. This vulnerability affects the function AddMyAddon of the file album_add.php. The manipulation of the argument albumUploadFiles leads to os command injection. The attack can be initiated remotely. The exploit ha...
Dedecms Dedecms 5.7.111
NA
CVE-2023-43226
An arbitrary file upload vulnerability in dede/baidunews.php in DedeCMS 5.7.111 and previous versions allows malicious users to execute arbitrary code via uploading a crafted PHP file.
Dedecms Dedecms
NA
CVE-2023-5022
A vulnerability has been found in DedeCMS up to 5.7.100 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /include/dialog/select_templets_post.php. The manipulation of the argument activepath leads to absolute path traversal. The a...
Dedecms Dedecms
NA
CVE-2023-40784
DedeCMS 5.7.102 has a File Upload vulnerability via uploads/dede/module_make.php.
Dedecms Dedecms 5.7.102
NA
CVE-2023-4747
A vulnerability classified as critical was found in DedeCMS 5.7.110. This vulnerability affects unknown code of the file /uploads/tags.php. The manipulation of the argument tag_alias leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to t...
Dedecms Dedecms 5.7.110
NA
CVE-2023-40874
DedeCMS up to and including 5.7.110 exists to contain multiple cross-site scripting (XSS) vulnerabilities at /dede/vote_add.php via the votename and voteitem1 parameters.
Dedecms Dedecms
NA
CVE-2023-40875
DedeCMS up to and including 5.7.110 exists to contain multiple cross-site scripting (XSS) vulnerabilities at /dede/vote_edit.php via the votename and votenote parameters.
Dedecms Dedecms
NA
CVE-2023-40876
DedeCMS up to and including 5.7.110 exists to contain a cross-site scripting (XSS) vulnerability at /dede/freelist_add.php via the title parameter.
Dedecms Dedecms
NA
CVE-2023-40877
DedeCMS up to and including 5.7.110 exists to contain a cross-site scripting (XSS) vulnerability at /dede/freelist_edit.php via the title parameter.
Dedecms Dedecms
NA
CVE-2023-36298
DedeCMS v5.7.109 has a File Upload vulnerability, leading to remote code execution (RCE).
Dedecms Dedecms 5.7.109
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48700
CVE-2022-48689
CVE-2024-27956
CVE-2023-6363
SQL
NULL pointer dereference
CVE-2023-41830
CVE-2015-2051
arbitrary
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »