Lucene search
K

17 matches found

Cvelist
Cvelist
added 2018/11/07 5:0 p.m.22 views

CVE-2018-19061

DedeCMS 5.7 SP2 has SQL Injection via the dede\codo.php ids parameter...

10AI score0.01759EPSS
Exploits1References2
NVD
NVD
added 2018/10/29 12:29 p.m.19 views

CVE-2018-18782

Reflected XSS exists in DedeCMS 5.7 SP2 via the /member/myfriend.php ftype parameter...

6.1CVSS6AI score0.00826EPSS
Exploits1References1
NVD
NVD
added 2018/10/29 12:29 p.m.16 views

CVE-2018-18781

DedeCMS 5.7 SP2 allows XSS via the /member/uploadsselect.php f or keyword parameter...

6.1CVSS6.1AI score0.00675EPSS
Exploits1References1
Prion
Prion
added 2018/10/29 12:29 p.m.19 views

Cross site scripting

Reflected XSS exists in DedeCMS 5.7 SP2 via the /member/myfriend.php ftype parameter...

4.3CVSS6AI score0.00826EPSS
Exploits1References1Affected Software1
Prion
Prion
added 2018/10/29 12:29 p.m.19 views

Cross site scripting

DedeCMS 5.7 SP2 allows XSS via the /member/uploadsselect.php f or keyword parameter...

4.3CVSS6AI score0.00675EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2018/10/29 5:0 a.m.23 views

CVE-2018-18781

DedeCMS 5.7 SP2 allows XSS via the /member/uploadsselect.php f or keyword parameter...

6.1AI score0.00675EPSS
Exploits1References1
CVE
CVE
added 2018/10/29 5:0 a.m.45 views

CVE-2018-18782

CVE-2018-18782 affects DedeCMS 5.7 SP2, with a Reflected XSS in the /member/myfriend.php ftype parameter. The root cause is the unescaped ftype input reflected in the page, enabling injection of arbitrary scripts. Documents do not provide exploitation status, in-the-wild details, or specific reme...

6.1CVSS5.9AI score0.00826EPSS
Exploits1References1Affected Software1
Prion
Prion
added 2018/10/22 9:29 p.m.15 views

Cross site scripting

DedeCMS 5.7 SP2 allows XSS via the plus/qrcode.php type parameter...

4.3CVSS6AI score0.0073EPSS
Exploits1References2Affected Software1
NVD
NVD
added 2018/10/22 9:29 p.m.17 views

CVE-2018-18579

Reflected XSS exists in DedeCMS 5.7 SP2 via the /member/pm.php folder parameter...

6.1CVSS6AI score0.0073EPSS
Exploits1References2
OSV
OSV
added 2018/10/22 9:29 p.m.5 views

CVE-2018-18579

Reflected XSS exists in DedeCMS 5.7 SP2 via the /member/pm.php folder parameter...

6.1CVSS5.8AI score0.0073EPSS
Exploits1References2
Prion
Prion
added 2018/10/22 9:29 p.m.15 views

Cross site scripting

Reflected XSS exists in DedeCMS 5.7 SP2 via the /member/pm.php folder parameter...

4.3CVSS6AI score0.0073EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2018/10/22 9:0 p.m.21 views

CVE-2018-18578

DedeCMS 5.7 SP2 allows XSS via the plus/qrcode.php type parameter...

6AI score0.0073EPSS
Exploits1References2
Cvelist
Cvelist
added 2018/10/22 9:0 p.m.23 views

CVE-2018-18579

Reflected XSS exists in DedeCMS 5.7 SP2 via the /member/pm.php folder parameter...

6AI score0.0073EPSS
Exploits1References2
CVE
CVE
added 2018/10/22 9:0 p.m.48 views

CVE-2018-18579

DedeCMS 5.7 SP2 is affected by a reflected XSS vulnerability in the /member/pm.php endpoint, exploitable via the folder parameter. The vulnerable component is DedeCMS’s web interface; input in the folder parameter can be reflected back to the user, enabling arbitrary script/HTML execution in a us...

6.1CVSS5.9AI score0.0073EPSS
Exploits1References2Affected Software1
Prion
Prion
added 2018/09/21 3:29 p.m.17 views

Cross site scripting

DedeCMS 5.7 SP2 allows XSS via an onhashchange attribute in the msg parameter to /plus/feedbackajax.php...

4.3CVSS5.9AI score0.00675EPSS
Exploits1References1Affected Software1
NVD
NVD
added 2018/09/21 3:29 p.m.21 views

CVE-2018-16784

DedeCMS 5.7 SP2 allows XML injection, and resultant remote code execution, via a "file type='file' name='../" substring...

7.2CVSS7.3AI score0.02329EPSS
Exploits1References1
Cvelist
Cvelist
added 2018/09/21 3:0 p.m.19 views

CVE-2018-16784

DedeCMS 5.7 SP2 allows XML injection, and resultant remote code execution, via a "file type='file' name='../" substring...

7.3AI score0.02329EPSS
Exploits1References1
Rows per page
Query Builder