Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
dedecms vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2023-49494
DedeCMS v5.7.111 exists to contain a reflective cross-site scripting (XSS) vulnerability via the component select_media_post_wangEditor.php.
Dedecms Dedecms 5.7.111
9.8
CVSSv3
CVE-2023-3578
A vulnerability classified as critical was found in DedeCMS 5.7.109. Affected by this vulnerability is an unknown functionality of the file co_do.php. The manipulation of the argument rssurl leads to server-side request forgery. The exploit has been disclosed to the public and ma...
Dedecms Dedecms 5.7.109
9.8
CVSSv3
CVE-2023-40784
DedeCMS 5.7.102 has a File Upload vulnerability via uploads/dede/module_make.php.
Dedecms Dedecms 5.7.102
8.8
CVSSv3
CVE-2023-36298
DedeCMS v5.7.109 has a File Upload vulnerability, leading to remote code execution (RCE).
Dedecms Dedecms 5.7.109
7.2
CVSSv3
CVE-2023-27733
DedeCMS v5.7.106 exists to contain a SQL injection vulnerability via the component /dede/sys_sql_query.php.
Dedecms Dedecms 5.7.106
5.4
CVSSv3
CVE-2023-48068
DedeCMS v6.2 exists to contain a Cross-site Scripting (XSS) vulnerability via spec_add.php.
Dedecms Dedecms 6.2
9.8
CVSSv3
CVE-2023-37839
An arbitrary file upload vulnerability in /dede/file_manage_control.php of DedeCMS v5.7.109 allows malicious users to execute arbitrary code via uploading a crafted PHP file.
Dedecms Dedecms 5.7.109
9.8
CVSSv3
CVE-2020-22198
SQL Injection vulnerability in DedeCMS 5.7 via mdescription parameter to member/ajax_membergroup.php.
Dedecms Dedecms 5.7
5.4
CVSSv3
CVE-2020-23044
DedeCMS v7.5 SP2 exists to contain multiple cross-site scripting (XSS) vulnerabilities in the component file_pic_view.php via the `activepath`, `keyword`, `tag`, `fmdo=x&filename`, `CKEditor` and `CKEditorFuncNum` parameters.
Dedecms Dedecms 7.5
6.1
CVSSv3
CVE-2020-23046
DedeCMS v7.5 SP2 exists to contain multiple cross-site scripting (XSS) vulnerabilities in the component tpl.php via the `filename`, `mid`, `userid`, and `templet' parameters.
Dedecms Dedecms 7.5
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5324
path traversal
CVE-2024-4743
CVE-2024-5184
TCP
CVE-2024-27822
code injection
CVE-2024-28995
CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »