Vulnerabilities > Dedecms > Dedecms > 5.7.111

DATE CVE VULNERABILITY TITLE RISK
2024-01-07 CVE-2023-7212 Unrestricted Upload of File with Dangerous Type vulnerability in Dedecms
A vulnerability classified as critical has been found in DeDeCMS up to 5.7.112.
network
low complexity
dedecms CWE-434
critical
 9.8
9.8
2023-12-11 CVE-2023-49494 Cross-site Scripting vulnerability in Dedecms 5.7.111
DedeCMS v5.7.111 was discovered to contain a reflective cross-site scripting (XSS) vulnerability via the component select_media_post_wangEditor.php.
network
low complexity
dedecms CWE-79
6.1
6.1
2023-12-07 CVE-2023-49492 Cross-site Scripting vulnerability in Dedecms 5.7.111
DedeCMS v5.7.111 was discovered to contain a reflective cross-site scripting (XSS) vulnerability via the imgstick parameter at selectimages.php.
network
low complexity
dedecms CWE-79
6.1
6.1
2023-12-07 CVE-2023-49493 Cross-site Scripting vulnerability in Dedecms 5.7.111
DedeCMS v5.7.111 was discovered to contain a reflective cross-site scripting (XSS) vulnerability via the v parameter at selectimages.php.
network
low complexity
dedecms CWE-79
6.1
6.1
2023-09-30 CVE-2023-5301 OS Command Injection vulnerability in Dedecms 5.7.111
A vulnerability classified as critical was found in DedeCMS 5.7.111.
network
low complexity
dedecms CWE-78
8.8
8.8