Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
dedecms vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2022-35516
DedeCMS v5.7.93 - v5.7.96 exists to contain a remote code execution vulnerability in login.php.
Dedecms Dedecms
9.8
CVSSv3
CVE-2022-34531
DedeCMS v5.7.95 exists to contain a remote code execution (RCE) vulnerability via the component mytag_ main.php.
Dedecms Dedecms 5.7.95
6.5
CVSSv3
CVE-2022-30508
DedeCMS v5.7.93 exists to contain arbitrary file deletion vulnerability in upload.php via the delete parameter.
Dedecms Dedecms 5.7.93
9.8
CVSSv3
CVE-2022-23337
DedeCMS v5.7.87 exists to contain a SQL injection vulnerability in article_coonepage_rule.php via the ids parameter.
Dedecms Dedecms 5.7.87
5.4
CVSSv3
CVE-2020-36490
DedeCMS v7.5 SP2 exists to contain multiple cross-site scripting (XSS) vulnerabilities in the component file_manage_view.php via the `activepath`, `keyword`, `tag`, `fmdo=x&filename`, `CKEditor` and `CKEditorFuncNum` parameters.
Dedecms Dedecms 7.5
5.4
CVSSv3
CVE-2020-36491
DedeCMS v7.5 SP2 exists to contain multiple cross-site scripting (XSS) vulnerabilities in the component tags_main.php via the `activepath`, `keyword`, `tag`, `fmdo=x&filename`, `CKEditor` and `CKEditorFuncNum` parameters.
Dedecms Dedecms 7.5
5.4
CVSSv3
CVE-2020-36492
DedeCMS v7.5 SP2 exists to contain multiple cross-site scripting (XSS) vulnerabilities in the component select_media.php via the `activepath`, `keyword`, `tag`, `fmdo=x&filename`, `CKEditor` and `CKEditorFuncNum` parameters.
Dedecms Dedecms 7.5
6.1
CVSSv3
CVE-2020-36494
DedeCMS v7.5 SP2 exists to contain multiple cross-site scripting (XSS) vulnerabilities in the component mychannel_edit.php via the `filename`, `mid`, `userid`, and `templet' parameters.
Dedecms Dedecms 7.5
6.1
CVSSv3
CVE-2020-36495
DedeCMS v7.5 SP2 exists to contain multiple cross-site scripting (XSS) vulnerabilities in the component file_manage_view.php via the `filename`, `mid`, `userid`, and `templet' parameters.
Dedecms Dedecms 7.5
6.1
CVSSv3
CVE-2020-36496
DedeCMS v7.5 SP2 exists to contain multiple cross-site scripting (XSS) vulnerabilities in the component sys_admin_user_edit.php via the `filename`, `mid`, `userid`, and `templet' parameters.
Dedecms Dedecms 7.5
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
SSRF
buffer overflow
CVE-2023-28952
CVE-2023-41822
CVE-2024-27956
CVE-2023-7028
CVE-2024-34447
CVE-2024-34460
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »