4 matches found
XSS Vulnerability in DedeCMS 5.7SP2
DedeCMS is a collection of simple, robust, flexible, open source several characteristics of open source content management system. DedeCMS 5.7SP2 exists XSS vulnerability, attackers can exploit the vulnerability to obtain sensitive information such as user cookies...
CVE-2019-8933
In DedeCMS 5.7SP2, attackers can upload a .php file to the uploads/ directory without being blocked by the Web Application Firewall, and then execute this file, via this sequence of steps: visiting the management page, clicking on the template, clicking on Default Template Management, clicking on...
CVE-2019-8933
In DedeCMS 5.7SP2, attackers can upload a .php file to the uploads/ directory without being blocked by the Web Application Firewall, and then execute this file, via this sequence of steps: visiting the management page, clicking on the template, clicking on Default Template Management, clicking on...
CVE-2019-8933
CVE-2019-8933 affects DedeCMS 5.7SP2. An attacker can upload a PHP file to uploads/ and execute it by abusing the management/template workflow: navigate to Default Template Management, create a New Template, and alter the filename from ../index.html to ../index.php. This indicates a path/filename...