Vulnerabilities > Dedebiz > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-12-14 | CVE-2023-31546 | Cross-site Scripting vulnerability in Dedebiz 6.0.3 Cross Site Scripting (XSS) vulnerability in DedeBIZ v6.0.3 allows attackers to run arbitrary code via the search feature. | 9.6 |
| 2023-09-27 | CVE-2023-43234 | Unspecified vulnerability in Dedebiz 6.2.11 DedeBIZ v6.2.11 was discovered to contain multiple remote code execution (RCE) vulnerabilities at /admin/file_manage_control.php via the $activepath and $filename parameters. | 9.8 |
| 2022-11-23 | CVE-2022-43196 | Unspecified vulnerability in Dedebiz Dedecmsv6 6.1.9 dedecmdv6 v6.1.9 is vulnerable to Arbitrary file deletion via file_manage_control.php. | 9.1 |
| 2022-11-23 | CVE-2022-44118 | Unspecified vulnerability in Dedebiz Dedecmsv6 6.1.9 dedecmdv6 v6.1.9 is vulnerable to Remote Code Execution (RCE) via file_manage_control.php. | 9.8 |
| 2022-11-23 | CVE-2022-44120 | SQL Injection vulnerability in Dedebiz Dedecmsv6 6.1.9 dedecmdv6 6.1.9 is vulnerable to SQL Injection. | 9.8 |