Recent Vulnerabilities Research Posts Trends Blog About Contact

Published: 16/03/2023 Updated: 22/03/2023

CVSS v3 Base Score: 7.2 | Impact Score: 5.9 | Exploitability Score: 1.2

VMScore: 0

SQL injection vulnerability found in DedeCMS v.5.7.106 allows a remote malicious user to execute arbitrary code via the rank_* parameter in the /dedestory_catalog.php endpoint.

Vulnerable Product	Search on Vulmon	Subscribe to Product
dedecms dedecms

CWE-89 https://srpopty.github.io/2023/02/27/DedeCMS-V5.7.160-Backend-SQLi-story/https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2023-27709

Vulnerability Summary

References

Vulmon Search

About

Products

Connect