1693 matches found
CVE-2026-10581
CVE-2026-10581 affects DedeCMS 5.7.88. The vulnerability lies in the function base64_decode in /plus/download.php?open=1, where manipulation of the Link argument triggers a server-side request forgery (SSRF). Remote exploitation is possible, and the exploit has been published. The available docum...
PT-2026-45819
Name of the Vulnerable Software and Affected Versions DedeCMS version 5.7.88 Description A security flaw exists in the RemoveXSS function within the '/plus/carbuyaction.php' file. Remote attackers can perform SQL injection, which is a technique used to manipulate a database by inserting malicious...
DesDev DedeCMS SQL注入漏洞
DesDev DedeCMS is an open-source content management system CMS developed by DesDev Corporation, based on PHP. This system offers functions such as content publishing, content management, content editing, and content retrieval. Version 5.7.88 of DesDev DedeCMS contains a SQL injection vulnerabilit...
DesDev DedeCMS 安全漏洞
DesDev DedeCMS is an open-source content management system CMS developed by DesDev Corporation, based on PHP. This system offers functions such as content publishing, content management, content editing, and content retrieval. Version 5.7.88 of DesDev DedeCMS contains a security vulnerability. Th...
PT-2026-45795
A vulnerability was determined in DedeCMS 5.7.88. The affected element is the function TrimMsg of the file /plus/feedback.php of the component Feedback Handler. Executing a manipulation of the argument msg can lead to sql injection. The attack can be launched remotely. The exploit has been public...
PT-2026-45690
A flaw has been found in DedeCMS 5.7.88. Affected by this vulnerability is the function base64 decode of the file /plus/download.php?open=1. This manipulation of the argument Link causes server-side request forgery. Remote exploitation of the attack is possible. The exploit has been published and...
DesDev DedeCMS SQL注入漏洞
DesDev DedeCMS is an open-source content management system CMS developed by DesDev Corporation. It is built using PHP. This system offers functions such as content publishing, content management, content editing, and content retrieval. Version 5.7.88 of DesDev DedeCMS contains a SQL injection...
DesDev DedeCMS 代码问题漏洞
DesDev DedeCMS is an open-source content management system CMS developed by DesDev Corporation, based on PHP. This system offers functions such as content publishing, content management, content editing, and content retrieval. Version 5.7.88 of DesDev DedeCMS contains a code vulnerability. This...
PT-2026-45818
Name of the Vulnerable Software and Affected Versions DedeCMS version 5.7.88 Description A remote SQL injection is possible through the manipulation of the msg argument within the dede htmlspecialchars function located in the '/plus/flink.php' file. Recommendations As a temporary workaround,...
CVE-2026-30643
An issue was discovered in DedeCMS 5.7.118 allowing attackers to execute code via crafted setup tag values in a module upload...
EUVD-2026-17960
An issue was discovered in DedeCMS 5.7.118 allowing attackers to execute code via crafted setup tag values in a module upload...
CVE-2026-30643
An issue was discovered in DedeCMS 5.7.118 allowing attackers to execute code via crafted setup tag values in a module upload...
DesDev DedeCMS 安全漏洞
DesDev DedeCMS is an open-source content management system CMS developed by DesDev Corporation in China. It operates on the PHP platform and offers functions such as content publishing, management, editing, and retrieval. Version 5.7.118 of DesDev DedeCMS contains a security vulnerability, which...
CVE-2026-30643
Summary: CVE-2026-30643 affects DedeCMS 5.7.118 and allows code execution via crafted setup tag values during a module upload. The description consistently states the root cause as the crafted setup tag values leading to remote code execution within the module upload process. The available source...
PT-2026-29567
🔴 CVE-2026-30643 - Critical An issue was discovered in DedeCMS 5.7.118 allowing attackers to execute code via crafted setup tag values in a module upload. https://t.co/rjHTzSsdI1 https://t.co/y2qo3h5iFP...
CVE-2026-30643
An issue was discovered in DedeCMS 5.7.118 allowing attackers to execute code via crafted setup tag values in a module upload...
CVE-2026-30643
An issue was discovered in DedeCMS 5.7.118 allowing attackers to execute code via crafted setup tag values in a module upload...
CVE-2026-29839
DedeCMS v5.7.118 was discovered to contain a Cross-Site Request Forgery CSRF vulnerability in /systaskadd.php...
CVE-2026-30694
An issue in DedeCMS v.5.7.118 and before allows a remote attacker to execute arbitrary code via the arrayfilter component...
EUVD-2026-14903
DedeCMS v5.7.118 was discovered to contain a Cross-Site Request Forgery CSRF vulnerability in /systaskadd.php...