1696 matches found
CVE-2026-10581 DedeCMS download.php base64_decode server-side request forgery
A flaw has been found in DedeCMS 5.7.88. Affected by this vulnerability is the function base64decode of the file /plus/download.php?open=1. This manipulation of the argument Link causes server-side request forgery. Remote exploitation of the attack is possible. The exploit has been published and...
CVE-2026-10581
CVE-2026-10581 affects DedeCMS 5.7.88. The vulnerability lies in the function base64_decode in /plus/download.php?open=1, where manipulation of the Link argument triggers a server-side request forgery (SSRF). Remote exploitation is possible, and the exploit has been published. The available docum...
CVE-2026-10581 DedeCMS download.php base64_decode server-side request forgery
A flaw has been found in DedeCMS 5.7.88. Affected by this vulnerability is the function base64decode of the file /plus/download.php?open=1. This manipulation of the argument Link causes server-side request forgery. Remote exploitation of the attack is possible. The exploit has been published and...
PT-2026-45795
A vulnerability was determined in DedeCMS 5.7.88. The affected element is the function TrimMsg of the file /plus/feedback.php of the component Feedback Handler. Executing a manipulation of the argument msg can lead to sql injection. The attack can be launched remotely. The exploit has been public...
DesDev DedeCMS 代码问题漏洞
DesDev DedeCMS is an open-source content management system CMS developed by DesDev Corporation, based on PHP. This system offers functions such as content publishing, content management, content editing, and content retrieval. Version 5.7.88 of DesDev DedeCMS contains a code vulnerability. This...
PT-2026-45818
Name of the Vulnerable Software and Affected Versions DedeCMS version 5.7.88 Description A remote SQL injection is possible through the manipulation of the msg argument within the dede htmlspecialchars function located in the '/plus/flink.php' file. Recommendations As a temporary workaround,...
PT-2026-45819
Name of the Vulnerable Software and Affected Versions DedeCMS version 5.7.88 Description A security flaw exists in the RemoveXSS function within the '/plus/carbuyaction.php' file. Remote attackers can perform SQL injection, which is a technique used to manipulate a database by inserting malicious...
DesDev DedeCMS SQL注入漏洞
DesDev DedeCMS is an open-source content management system CMS developed by DesDev Corporation, based on PHP. This system offers functions such as content publishing, content management, content editing, and content retrieval. Version 5.7.88 of DesDev DedeCMS contains a SQL injection vulnerabilit...
DesDev DedeCMS 安全漏洞
DesDev DedeCMS is an open-source content management system CMS developed by DesDev Corporation, based on PHP. This system offers functions such as content publishing, content management, content editing, and content retrieval. Version 5.7.88 of DesDev DedeCMS contains a security vulnerability. Th...
DesDev DedeCMS SQL注入漏洞
DesDev DedeCMS is an open-source content management system CMS developed by DesDev Corporation. It is built using PHP. This system offers functions such as content publishing, content management, content editing, and content retrieval. Version 5.7.88 of DesDev DedeCMS contains a SQL injection...
PT-2026-45690
A flaw has been found in DedeCMS 5.7.88. Affected by this vulnerability is the function base64 decode of the file /plus/download.php?open=1. This manipulation of the argument Link causes server-side request forgery. Remote exploitation of the attack is possible. The exploit has been published and...
CVE-2026-30643
An issue was discovered in DedeCMS 5.7.118 allowing attackers to execute code via crafted setup tag values in a module upload...
EUVD-2026-17960
An issue was discovered in DedeCMS 5.7.118 allowing attackers to execute code via crafted setup tag values in a module upload...
CVE-2026-30643
An issue was discovered in DedeCMS 5.7.118 allowing attackers to execute code via crafted setup tag values in a module upload...
CVE-2026-30643
An issue was discovered in DedeCMS 5.7.118 allowing attackers to execute code via crafted setup tag values in a module upload...
DesDev DedeCMS 安全漏洞
DesDev DedeCMS is an open-source content management system CMS developed by DesDev Corporation in China. It operates on the PHP platform and offers functions such as content publishing, management, editing, and retrieval. Version 5.7.118 of DesDev DedeCMS contains a security vulnerability, which...
PT-2026-29567
🔴 CVE-2026-30643 - Critical An issue was discovered in DedeCMS 5.7.118 allowing attackers to execute code via crafted setup tag values in a module upload. https://t.co/rjHTzSsdI1 https://t.co/y2qo3h5iFP...
CVE-2026-30643
An issue was discovered in DedeCMS 5.7.118 allowing attackers to execute code via crafted setup tag values in a module upload...
CVE-2026-30643
Summary: CVE-2026-30643 affects DedeCMS 5.7.118 and allows code execution via crafted setup tag values during a module upload. The description consistently states the root cause as the crafted setup tag values leading to remote code execution within the module upload process. The available source...
CVE-2026-29839
DedeCMS v5.7.118 was discovered to contain a Cross-Site Request Forgery CSRF vulnerability in /systaskadd.php...