Vulnerabilities > Dedecms > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-03-22 | CVE-2024-2823 | Unspecified vulnerability in Dedecms 5.7 A vulnerability has been found in DedeCMS 5.7 and classified as problematic. | 4.3 |
| 2024-03-22 | CVE-2024-2820 | Unspecified vulnerability in Dedecms 5.7 A vulnerability classified as problematic was found in DedeCMS 5.7. | 4.3 |
| 2023-12-11 | CVE-2023-49494 | Cross-site Scripting vulnerability in Dedecms 5.7.111 DedeCMS v5.7.111 was discovered to contain a reflective cross-site scripting (XSS) vulnerability via the component select_media_post_wangEditor.php. | 6.1 |
| 2023-12-07 | CVE-2023-49492 | Cross-site Scripting vulnerability in Dedecms 5.7.111 DedeCMS v5.7.111 was discovered to contain a reflective cross-site scripting (XSS) vulnerability via the imgstick parameter at selectimages.php. | 6.1 |
| 2023-12-07 | CVE-2023-49493 | Cross-site Scripting vulnerability in Dedecms 5.7.111 DedeCMS v5.7.111 was discovered to contain a reflective cross-site scripting (XSS) vulnerability via the v parameter at selectimages.php. | 6.1 |
| 2023-11-13 | CVE-2023-48068 | Cross-site Scripting vulnerability in Dedecms 6.2 DedeCMS v6.2 was discovered to contain a Cross-site Scripting (XSS) vulnerability via spec_add.php. | 5.4 |
| 2023-08-24 | CVE-2023-40874 | Cross-site Scripting vulnerability in Dedecms DedeCMS up to and including 5.7.110 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities at /dede/vote_add.php via the votename and voteitem1 parameters. | 5.4 |
| 2023-08-24 | CVE-2023-40875 | Cross-site Scripting vulnerability in Dedecms DedeCMS up to and including 5.7.110 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities at /dede/vote_edit.php via the votename and votenote parameters. | 5.4 |
| 2023-08-24 | CVE-2023-40876 | Cross-site Scripting vulnerability in Dedecms DedeCMS up to and including 5.7.110 was discovered to contain a cross-site scripting (XSS) vulnerability at /dede/freelist_add.php via the title parameter. | 5.4 |
| 2023-08-24 | CVE-2023-40877 | Cross-site Scripting vulnerability in Dedecms DedeCMS up to and including 5.7.110 was discovered to contain a cross-site scripting (XSS) vulnerability at /dede/freelist_edit.php via the title parameter. | 5.4 |