CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

195 matches found

RedhatCVE•added 2026/06/05 7:34 p.m.•7 views

CVE-2026-10606

A vulnerability was determined in DedeCMS 5.7.88. The affected element is the function TrimMsg of the file /plus/feedback.php of the component Feedback Handler. Executing a manipulation of the argument msg can lead to sql injection. The attack can be launched remotely. The exploit has been public...

7.5CVSS7AI score0.00254EPSS

Exploits0References1

EUVD•added 2026/06/02 6:0 p.m.•10 views

EUVD-2026-33997

A security flaw has been discovered in DedeCMS 5.7.88. This affects the function RemoveXSS of the file /plus/carbuyaction.php. The manipulation of the argument postname/des results in sql injection. The attack may be launched remotely. The exploit has been released to the public and may be used f...

7.5CVSS6.9AI score0.00308EPSS

Exploits0References4

Cvelist•added 2026/04/01 12:0 a.m.•25 views

CVE-2026-30643

An issue was discovered in DedeCMS 5.7.118 allowing attackers to execute code via crafted setup tag values in a module upload...

0.00569EPSS

Exploits1References2

NVD•added 2026/03/19 6:16 p.m.•2 views

CVE-2026-30694

An issue in DedeCMS v.5.7.118 and before allows a remote attacker to execute arbitrary code via the arrayfilter component...

9.8CVSS0.0068EPSS

Exploits1References2

Positive Technologies•added 2026/03/19 12:0 a.m.•4 views

PT-2026-26326

🚨 CVE-2026-30694: Remote code execution in DedeCMS up to 5.7.118, no login required. Lock down your site and watch for a patch. Full advisory ➡️ https://t.co/nUIEoY7rL5 DedeCMS infosec AppSec...

6.2AI score0.0068EPSS

Exploits1References6

RedhatCVE•added 2026/01/09 12:36 p.m.•7 views

CVE-2023-49492

DedeCMS v5.7.111 was discovered to contain a reflective cross-site scripting XSS vulnerability via the imgstick parameter at selectimages.php...

6.1CVSS6.2AI score0.00431EPSS

Exploits1References1

RedhatCVE•added 2026/01/09 12:36 p.m.•4 views

CVE-2023-49494

DedeCMS v5.7.111 was discovered to contain a reflective cross-site scripting XSS vulnerability via the component selectmediapostwangEditor.php...

6.1CVSS6.2AI score0.01176EPSS

Exploits1References1

RedhatCVE•added 2026/01/09 10:39 a.m.•7 views

CVE-2022-35516

DedeCMS v5.7.93 - v5.7.96 was discovered to contain a remote code execution vulnerability in login.php...

9.8CVSS8.3AI score0.01945EPSS

Exploits1References1

RedhatCVE•added 2026/01/09 9:35 a.m.•7 views

CVE-2024-34245

An arbitrary file read vulnerability in DedeCMS v5.7.114 allows authenticated attackers to read arbitrary files by specifying any path in makehtmljsaction.php...

6.5CVSS6.6AI score0.00818EPSS

Exploits1References1

RedhatCVE•added 2026/01/07 9:14 a.m.•9 views

CVE-2024-2821

A vulnerability, which was classified as problematic, has been found in DedeCMS 5.7. Affected by this issue is some unknown functionality of the file /src/dede/friendlinkedit.php. The manipulation of the argument id leads to cross-site request forgery. The attack may be launched remotely. The...

5CVSS6.7AI score0.00397EPSS

Exploits1References1

RedhatCVE•added 2026/01/07 9:14 a.m.•6 views

CVE-2024-2822

A vulnerability, which was classified as problematic, was found in DedeCMS 5.7. This affects an unknown part of the file /src/dede/voteedit.php. The manipulation of the argument aid leads to cross-site request forgery. It is possible to initiate the attack remotely. The exploit has been disclosed...

5CVSS6.7AI score0.0037EPSS

Exploits1References1

EUVD•added 2025/10/07 12:30 a.m.•5 views

EUVD-2020-10828

Malware in sbrugna...

8.8CVSS8.7AI score0.00836EPSS

Exploits1References2

EUVD•added 2025/10/07 12:30 a.m.•6 views

EUVD-2019-15854

Malware in sbrugna...

8.8CVSS8.8AI score0.01929EPSS

Exploits0References2