PT-2025-45592

A security vulnerability has been detected in DedeBIZ up to 6.3.2. The impacted element is an unknown function of the file /admin/archives add.php. Such manipulation of the argument flags leads to sql injection. The attack can be executed remotely. The exploit has been disclosed publicly and may ...

DedeBIZ SQL注入漏洞

DedeBIZ is a content management system from China Muyun Intelligence DedeBIZ company. A SQL injection vulnerability exists in DedeBIZ 6.3.2 and earlier versions, which stems from incorrect manipulation of the parameter flags in the file /admin/archivesadd.php, which could lead to a SQL injection...

Dreamer CMS Cross-Site Request Forgery Vulnerability (CNVD-2023-9571566)

Dreamer CMS is a dreamer content management system by Junnan Wang, an individual developer in China. A cross-site request forgery vulnerability exists in Dreamer CMS version v4.1.3, which originates from a failure to adequately validate whether a request is from a trusted user in the component...

CVE-2023-48914

Dreamer CMS v4.1.3 was discovered to contain a Cross-Site Request Forgery CSRF via the component /admin/archives/add...

Dreamer CMS 跨站请求伪造漏洞

Dreamer CMS is a dreamer content management system by Junnan Wang, an individual developer in China. A cross-site request forgery vulnerability exists in Dreamer CMS version v4.1.3, which originates from a failure to adequately validate whether a request is from a trusted user in the component...

CVE-2023-48914

Affected software: Dreamer CMS v4.1.3. Vulnerability: Cross-Site Request Forgery (CSRF) in the /admin/archives/add component. The root cause is insufficient validation of whether a request originates from a trusted user, enabling an attacker to forge a malicious request that tricks a victim into ...