Lucene search
MitreCVE-2024-33371HistoryApr 30, 2024 - 8:15 p.m.
CVE-2024-33371
2024-04-3020:15:08
CWE-79
mitre
web.nvd.nist.gov
26
cve-2024-33371
remote attacker
arbitrary code execution
typeid parameter
nvd
cross site scripting
dedecms v.5.7.113
CVSS3
6.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
AI Score
7.3
Confidence
High
EPSS
0
Percentile
9.0%
Cross Site Scripting vulnerability in DedeCMS v.5.7.113 allows a remote attacker to execute arbitrary code via the typeid parameter in the makehtml_list_action.php component.
References
Related
nvd
nvd
CVE-2024-33371
2024-04-30 20:15:08
cvelist
cvelist
CVE-2024-33371
2024-04-30 00:00:00
vulnrichment
vulnrichment
CVE-2024-33371
2024-04-30 00:00:00
openvas
openvas
DedeCMS V5.7 SP2 Multiple Vulnerabilities (Mar/Apr/May/Jul 2024)
2024-06-06 00:00:00
CVSS3
6.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
AI Score
7.3
Confidence
High
EPSS
0
Percentile
9.0%
Related for CVE-2024-33371