Vulnerabilities > Dedecms > Dedecms > 5.7.93
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-03-16 | CVE-2023-27709 | SQL Injection vulnerability in Dedecms SQL injection vulnerability found in DedeCMS v.5.7.106 allows a remote attacker to execute arbitrary code via the rank_* parameter in the /dedestory_catalog.php endpoint. | 7.2 |
2022-05-26 | CVE-2022-30508 | Path Traversal vulnerability in Dedecms 5.7.93 DedeCMS v5.7.93 was discovered to contain arbitrary file deletion vulnerability in upload.php via the delete parameter. | 6.5 |