CVE-2024-2820

A vulnerability classified as problematic was found in DedeCMS 5.7. Affected by this vulnerability is an unknown functionality of the file /src/dede/baidunews.php. The manipulation of the argument filename leads to cross-site request forgery. The attack can be launched remotely. The exploit has...

Desdev DedeCMS 跨站请求伪造漏洞

Desdev DedeCMS Dream Weaving Content Management System is a PHP-based open-source content management system CMS of China Zhuozhuo network Desdev company. The system has content publishing, content management, content editing and content retrieval functions. Desdev DedeCMS 5.7 version of the...

CVE-2023-43226

An arbitrary file upload vulnerability in dede/baidunews.php in DedeCMS 5.7.111 and earlier allows attackers to execute arbitrary code via uploading a crafted PHP file...

PT-2023-28736 · Dedecms · Dedecms

Name of the Vulnerable Software and Affected Versions: DedeCMS versions 5.7.111 and earlier Description: An arbitrary file upload vulnerability in dede/baidunews.php allows attackers to execute arbitrary code via uploading a crafted PHP file. Recommendations: For DedeCMS versions 5.7.111 and...