Vulnerabilities > Dedecms

DATE	CVE	VULNERABILITY TITLE	RISK
2023-08-24	CVE-2023-40874	Cross-site Scripting vulnerability in Dedecms DedeCMS up to and including 5.7.110 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities at /dede/vote_add.php via the votename and voteitem1 parameters. network low complexity dedecms CWE-79	5.4
2023-08-24	CVE-2023-40875	Cross-site Scripting vulnerability in Dedecms DedeCMS up to and including 5.7.110 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities at /dede/vote_edit.php via the votename and votenote parameters. network low complexity dedecms CWE-79	5.4
2023-08-24	CVE-2023-40876	Cross-site Scripting vulnerability in Dedecms DedeCMS up to and including 5.7.110 was discovered to contain a cross-site scripting (XSS) vulnerability at /dede/freelist_add.php via the title parameter. network low complexity dedecms CWE-79	5.4
2023-08-24	CVE-2023-40877	Cross-site Scripting vulnerability in Dedecms DedeCMS up to and including 5.7.110 was discovered to contain a cross-site scripting (XSS) vulnerability at /dede/freelist_edit.php via the title parameter. network low complexity dedecms CWE-79	5.4
2023-08-03	CVE-2023-36298	Unrestricted Upload of File with Dangerous Type vulnerability in Dedecms 5.7.109 DedeCMS v5.7.109 has a File Upload vulnerability, leading to remote code execution (RCE). network low complexity dedecms CWE-434	8.8
2023-07-31	CVE-2023-34842	Code Injection vulnerability in Dedecms Remote Code Execution vulnerability in DedeCMS through 5.7.109 allows remote attackers to run arbitrary code via crafted POST request to /dede/tpl.php. network low complexity dedecms CWE-94 critical	9.8
2023-07-13	CVE-2023-37839	Unrestricted Upload of File with Dangerous Type vulnerability in Dedecms 5.7.109 An arbitrary file upload vulnerability in /dede/file_manage_control.php of DedeCMS v5.7.109 allows attackers to execute arbitrary code via uploading a crafted PHP file. network low complexity dedecms CWE-434 critical	9.8
2023-07-10	CVE-2023-3578	Unspecified vulnerability in Dedecms 5.7.109 A vulnerability classified as critical was found in DedeCMS 5.7.109. network low complexity dedecms critical	9.8
2023-05-27	CVE-2023-2928	Unspecified vulnerability in Dedecms A vulnerability was found in DedeCMS up to 5.7.106. network low complexity dedecms	8.8
2023-05-19	CVE-2023-31757	Cross-site Scripting vulnerability in Dedecms 5.7.108 DedeCMS up to v5.7.108 is vulnerable to XSS in sys_info.php via parameters 'edit___cfg_powerby' and 'edit___cfg_beian' network low complexity dedecms CWE-79	5.4

Vulnerabilities > Dedecms {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Dedecms"}]}

Vulnerabilities > Dedecms