PT-2025-53785

Name of the Vulnerable Software and Affected Versions DedeCMS version 5.7 Description The software contains a Cross-Site Request Forgery CSRF issue. The vulnerability is located in the /src/dede/makehtml list action.php endpoint. A malicious actor can potentially cause a user to perform unintende...

EUVD-2020-14963

Malware in sbrugna...

EUVD-2024-27764

Malicious code in bioql PyPI...

CVE-2024-4593

A vulnerability, which was classified as problematic, has been found in DedeCMS 5.7. This issue affects some unknown processing of the file /src/dede/sysmultiserv.php. The manipulation leads to cross-site request forgery. The attack may be initiated remotely. The exploit has been disclosed to the...

CVE-2024-4594

A vulnerability, which was classified as problematic, was found in DedeCMS 5.7. Affected is an unknown function of the file /src/dede/syssafe.php. The manipulation leads to cross-site request forgery. It is possible to launch the attack remotely. The exploit has been disclosed to the public and m...

CVE-2024-4594

This CVE affects DedeCMS 5.7. Affected component is an unknown function in /src/dede/sys_safe.php, where manipulation enables cross-site request forgery. The vulnerability can be exploited remotely and an exploit has been disclosed publicly. Several connected sources corroborate the issue and ref...

CVE-2024-4594 DedeCMS sys_safe.php cross-site request forgery

A vulnerability, which was classified as problematic, was found in DedeCMS 5.7. Affected is an unknown function of the file /src/dede/syssafe.php. The manipulation leads to cross-site request forgery. It is possible to launch the attack remotely. The exploit has been disclosed to the public and m...

CVE-2024-4592

A vulnerability classified as problematic was found in DedeCMS 5.7. This vulnerability affects unknown code of the file /src/dede/sysgroupedit.php. The manipulation leads to cross-site request forgery. The attack can be initiated remotely. The exploit has been disclosed to the public and may be...

CVE-2024-4593

A vulnerability, which was classified as problematic, has been found in DedeCMS 5.7. This issue affects some unknown processing of the file /src/dede/sysmultiserv.php. The manipulation leads to cross-site request forgery. The attack may be initiated remotely. The exploit has been disclosed to the...

CVE-2024-4590

A vulnerability was found in DedeCMS 5.7. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /src/dede/sysinfo.php. The manipulation leads to cross-site request forgery. The attack may be launched remotely. The exploit has been disclosed to the publ...

CVE-2024-4590

A vulnerability was found in DedeCMS 5.7. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /src/dede/sysinfo.php. The manipulation leads to cross-site request forgery. The attack may be launched remotely. The exploit has been disclosed to the publ...

CVE-2024-4592

A vulnerability classified as problematic was found in DedeCMS 5.7. This vulnerability affects unknown code of the file /src/dede/sysgroupedit.php. The manipulation leads to cross-site request forgery. The attack can be initiated remotely. The exploit has been disclosed to the public and may be...

CVE-2024-4593

CVE-2024-4593 concerns DedeCMS 5.7, where the vulnerability lies in the file /src/dede/sys_multiserv.php. The issue is described as a cross‑site request forgery (CSRF) that can be triggered remotely, with the exploit publicly disclosed. Several connected sources consistently identify the affected...

CVE-2024-4592

CVE-2024-4592 affects DedeCMS 5.7, specifically the /src/dede/sys_group_edit.php file. The vulnerability is a cross-site request forgery (CSRF) in unknown code paths, with remote initiation and public disclosure of the exploit. Multiple connected sources corroborate the affected software/version ...

CVE-2024-4591

The CVE concerns DedeCMS 5.7, with a CSRF issue in the file /src/dede/sys_group_add.php. The vulnerability enables cross-site request forgery via a potentially remote-initiated attack. Multiple sources in the provided documents identify the affected product and component, and note that the exploi...

CVE-2024-4591 DedeCMS sys_group_add.php cross-site request forgery

A vulnerability classified as problematic has been found in DedeCMS 5.7. This affects an unknown part of the file /src/dede/sysgroupadd.php. The manipulation leads to cross-site request forgery. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may b...

CVE-2024-4590

CVE-2024-4590 affects DedeCMS 5.7, with the vulnerable element in /src/dede/sys_info.php. The issue enables cross-site request forgery (CSRF) via manipulation of that file’s functionality. The attack is described as remotely launchable and the exploit has been disclosed publicly. Exploitation det...

CVE-2024-4589

A vulnerability was found in DedeCMS 5.7. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /src/dede/mytagedit.php. The manipulation leads to cross-site request forgery. The attack can be launched remotely. The exploit has been disclosed ...

CVE-2024-4587

A vulnerability was found in DedeCMS 5.7 and classified as problematic. This issue affects some unknown processing of the file /src/dede/tpl.php. The manipulation leads to cross-site request forgery. The attack may be initiated remotely. The exploit has been disclosed to the public and may be use...

CVE-2024-4587

A vulnerability was found in DedeCMS 5.7 and classified as problematic. This issue affects some unknown processing of the file /src/dede/tpl.php. The manipulation leads to cross-site request forgery. The attack may be initiated remotely. The exploit has been disclosed to the public and may be use...