Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
dedecms vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2023-40784
DedeCMS 5.7.102 has a File Upload vulnerability via uploads/dede/module_make.php.
Dedecms Dedecms 5.7.102
8.8
CVSSv3
CVE-2024-22895
DedeCMS 5.7.112 has a File Upload vulnerability via uploads/dede/module_upload.php.
Dedecms Dedecms 5.7.112
NA
CVE-2009-2270
Unrestricted file upload vulnerability in member/uploads_edit.php in dedecms 5.3 allows remote malicious users to execute arbitrary code by uploading a file with a double extension in the filename, then accessing this file via unspecified vectors, as demonstrated by a .jpg.php fi...
Dedecms Dedecms 5.3
6.5
CVSSv3
CVE-2022-30508
DedeCMS v5.7.93 exists to contain arbitrary file deletion vulnerability in upload.php via the delete parameter.
Dedecms Dedecms 5.7.93
8.8
CVSSv3
CVE-2020-18917
The plus/search.php component in DedeCMS 5.7 SP2 allows remote malicious users to execute arbitrary PHP code via the typename parameter because the contents of typename.inc are under an attacker's control.
Dedecms Dedecms 5.7
9.8
CVSSv3
CVE-2023-4747
A vulnerability classified as critical was found in DedeCMS 5.7.110. This vulnerability affects unknown code of the file /uploads/tags.php. The manipulation of the argument tag_alias leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to t...
Dedecms Dedecms 5.7.110
5.3
CVSSv3
CVE-2018-6881
EmpireCMS 6.6 allows remote malicious users to discover the full path via an array value for a parameter to admin/tool/ShowPic.php.
Dedecms Dedecms 5.7
Phome Empirecms 6.6
Phome Empirecms 7.0
Phome Empirecms 7.2
NA
CVE-2024-33749
DedeCMS V5.7.114 is vulnerable to deletion of any file via mail_file_manage.php.
NA
CVE-2024-34959
DedeCMS V5.7.113 is vulnerable to Cross Site Scripting (XSS) via sys_data_replace.php.
NA
CVE-2024-28676
DedeCMS v5.7 exists to contain a cross-site scripting (XSS) vulnerability via /dede/article_edit.php.
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5248
CVE-2024-3110
CVE-2024-5552
CVE-2024-29415
HTML injection
CVE-2024-3095
TCP
type confusion
CVE-2024-1800
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »