Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
dedecms dedecms vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-31757
DedeCMS up to v5.7.108 is vulnerable to XSS in sys_info.php via parameters 'edit___cfg_powerby' and 'edit___cfg_beian'
Dedecms Dedecms 5.7.108
NA
CVE-2023-2424
A vulnerability was found in DedeCMS 5.7.106 and classified as critical. Affected by this issue is the function UpDateMemberModCache of the file uploads/dede/config.php. The manipulation leads to unrestricted upload. The attack may be launched remotely. The exploit has been discl...
Dedecms Dedecms 5.7.106
NA
CVE-2023-30380
An issue in the component /dialog/select_media.php of DedeCMS v5.7.107 allows malicious users to execute a directory traversal.
Dedecms Dedecms 5.7.107
NA
CVE-2023-27733
DedeCMS v5.7.106 exists to contain a SQL injection vulnerability via the component /dede/sys_sql_query.php.
Dedecms Dedecms 5.7.106
NA
CVE-2023-2059
A vulnerability was found in DedeCMS 5.7.87. It has been rated as problematic. Affected by this issue is some unknown functionality of the file uploads/include/dialog/select_templets.php. The manipulation leads to path traversal: '..\filedir'. The attack may be launched...
Dedecms Dedecms 5.7.87
NA
CVE-2023-2056
A vulnerability was found in DedeCMS up to 5.7.87 and classified as critical. This issue affects the function GetSystemFile of the file module_main.php. The manipulation leads to code injection. The attack may be initiated remotely. The exploit has been disclosed to the public an...
Dedecms Dedecms
NA
CVE-2023-27707
SQL injection vulnerability found in DedeCMS v.5.7.106 allows a remote malicious user to execute arbitrary code via the rank_* parameter in the /dede/group_store.php endpoint.
Dedecms Dedecms
NA
CVE-2023-27709
SQL injection vulnerability found in DedeCMS v.5.7.106 allows a remote malicious user to execute arbitrary code via the rank_* parameter in the /dedestory_catalog.php endpoint.
Dedecms Dedecms
NA
CVE-2022-48140
DedeCMS v5.7.97 exists to contain a cross-site scripting (XSS) vulnerability in the component /file_manage_view.php?fmdo=edit&filename.
Dedecms Dedecms 5.7.97
NA
CVE-2022-46442
dedecms <=V5.7.102 is vulnerable to SQL Injection. In sys_ sql_ n query.php there are no restrictions on the sql query.
Dedecms Dedecms
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-28995
CVE-2024-36680
CVE-2024-35537
unauthorized
CVE-2024-21518
CVE-2024-37673
cross-site scripting
SSRF
CVE-2024-6241
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »