Cross Site Scripting vulnerability in DedeCMS v.5.7.113 allows a remote malicious user to run arbitrary code via the mnum parameter.