DedeCMS V5.7 SP2 contains a CSRF vulnerability that allows a remote malicious user to send a malicious request to to the web manager allowing remote code execution.