Vulnerabilities > Dedecms > Dedecms > 5.7.108

DATE CVE VULNERABILITY TITLE RISK
2024-01-07 CVE-2023-7212 Unrestricted Upload of File with Dangerous Type vulnerability in Dedecms
A vulnerability classified as critical has been found in DeDeCMS up to 5.7.112.
network
low complexity
dedecms CWE-434
critical
 9.8
9.8
2023-09-28 CVE-2023-43226 Unrestricted Upload of File with Dangerous Type vulnerability in Dedecms
An arbitrary file upload vulnerability in dede/baidunews.php in DedeCMS 5.7.111 and earlier allows attackers to execute arbitrary code via uploading a crafted PHP file.
network
low complexity
dedecms CWE-434
8.8
8.8
2023-05-19 CVE-2023-31757 Cross-site Scripting vulnerability in Dedecms 5.7.108
DedeCMS up to v5.7.108 is vulnerable to XSS in sys_info.php via parameters 'edit___cfg_powerby' and 'edit___cfg_beian'
network
low complexity
dedecms CWE-79
5.4
5.4