Vulnerabilities > Dedecms

DATE | CVE | VULNERABILITY TITLE | RISK

2017-12-18 | CVE-2017-17730 | SQL Injection vulnerability in Dedecms 5.5/5.6 | critical 9.8
DedeCMS through 5.7 has SQL Injection via the logo parameter to plus/flink_add.php.
network | low complexity | dedecms | CWE-89

2017-12-18 | CVE-2017-17727 | Unrestricted Upload of File with Dangerous Type vulnerability in Dedecms 5.5/5.6 | 8.8
DedeCMS through 5.6 allows arbitrary file upload and PHP code execution by embedding the PHP code in a .jpg file, which is used in the templet parameter to member/article_edit.php.
network | low complexity | dedecms | CWE-434