Lucene search
K

1693 matches found

CVE
CVE
added 2026/06/02 2:30 a.m.27 views

CVE-2026-10581

CVE-2026-10581 affects DedeCMS 5.7.88. The vulnerability lies in the function base64_decode in /plus/download.php?open=1, where manipulation of the Link argument triggers a server-side request forgery (SSRF). Remote exploitation is possible, and the exploit has been published. The available docum...

6.5CVSS6.3AI score0.00201EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/06/02 12:0 a.m.11 views

PT-2026-45819

Name of the Vulnerable Software and Affected Versions DedeCMS version 5.7.88 Description A security flaw exists in the RemoveXSS function within the '/plus/carbuyaction.php' file. Remote attackers can perform SQL injection, which is a technique used to manipulate a database by inserting malicious...

7.5CVSS7.4AI score0.00308EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/06/02 12:0 a.m.8 views

DesDev DedeCMS SQL注入漏洞

DesDev DedeCMS is an open-source content management system CMS developed by DesDev Corporation, based on PHP. This system offers functions such as content publishing, content management, content editing, and content retrieval. Version 5.7.88 of DesDev DedeCMS contains a SQL injection vulnerabilit...

7.5CVSS5.6AI score0.00313EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/06/02 12:0 a.m.9 views

DesDev DedeCMS 安全漏洞

DesDev DedeCMS is an open-source content management system CMS developed by DesDev Corporation, based on PHP. This system offers functions such as content publishing, content management, content editing, and content retrieval. Version 5.7.88 of DesDev DedeCMS contains a security vulnerability. Th...

7.5CVSS5.7AI score0.00254EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/06/02 12:0 a.m.14 views

PT-2026-45795

A vulnerability was determined in DedeCMS 5.7.88. The affected element is the function TrimMsg of the file /plus/feedback.php of the component Feedback Handler. Executing a manipulation of the argument msg can lead to sql injection. The attack can be launched remotely. The exploit has been public...

7.5CVSS6.9AI score0.00254EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/06/02 12:0 a.m.17 views

PT-2026-45690

A flaw has been found in DedeCMS 5.7.88. Affected by this vulnerability is the function base64 decode of the file /plus/download.php?open=1. This manipulation of the argument Link causes server-side request forgery. Remote exploitation of the attack is possible. The exploit has been published and...

6.5CVSS6.3AI score0.00201EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/06/02 12:0 a.m.7 views

DesDev DedeCMS SQL注入漏洞

DesDev DedeCMS is an open-source content management system CMS developed by DesDev Corporation. It is built using PHP. This system offers functions such as content publishing, content management, content editing, and content retrieval. Version 5.7.88 of DesDev DedeCMS contains a SQL injection...

7.5CVSS5.6AI score0.00308EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/06/02 12:0 a.m.11 views

DesDev DedeCMS 代码问题漏洞

DesDev DedeCMS is an open-source content management system CMS developed by DesDev Corporation, based on PHP. This system offers functions such as content publishing, content management, content editing, and content retrieval. Version 5.7.88 of DesDev DedeCMS contains a code vulnerability. This...

6.5CVSS5.4AI score0.00201EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/06/02 12:0 a.m.17 views

PT-2026-45818

Name of the Vulnerable Software and Affected Versions DedeCMS version 5.7.88 Description A remote SQL injection is possible through the manipulation of the msg argument within the dede htmlspecialchars function located in the '/plus/flink.php' file. Recommendations As a temporary workaround,...

7.5CVSS7.3AI score0.00313EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2026/04/02 5:4 a.m.11 views

CVE-2026-30643

An issue was discovered in DedeCMS 5.7.118 allowing attackers to execute code via crafted setup tag values in a module upload...

9.8CVSS6AI score0.00569EPSS
Exploits1References1
EUVD
EUVD
added 2026/04/01 6:36 p.m.11 views

EUVD-2026-17960

An issue was discovered in DedeCMS 5.7.118 allowing attackers to execute code via crafted setup tag values in a module upload...

9.8CVSS6AI score0.00569EPSS
Exploits1References3
NVD
NVD
added 2026/04/01 5:28 p.m.11 views

CVE-2026-30643

An issue was discovered in DedeCMS 5.7.118 allowing attackers to execute code via crafted setup tag values in a module upload...

9.8CVSS0.00569EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/04/01 12:0 a.m.7 views

DesDev DedeCMS 安全漏洞

DesDev DedeCMS is an open-source content management system CMS developed by DesDev Corporation in China. It operates on the PHP platform and offers functions such as content publishing, management, editing, and retrieval. Version 5.7.118 of DesDev DedeCMS contains a security vulnerability, which...

9.8CVSS5.9AI score0.00569EPSS
Exploits1References2
CVE
CVE
added 2026/04/01 12:0 a.m.15 views

CVE-2026-30643

Summary: CVE-2026-30643 affects DedeCMS 5.7.118 and allows code execution via crafted setup tag values during a module upload. The description consistently states the root cause as the crafted setup tag values leading to remote code execution within the module upload process. The available source...

9.8CVSS6AI score0.00569EPSS
Exploits1References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/04/01 12:0 a.m.15 views

PT-2026-29567

🔴 CVE-2026-30643 - Critical An issue was discovered in DedeCMS 5.7.118 allowing attackers to execute code via crafted setup tag values in a module upload. https://t.co/rjHTzSsdI1 https://t.co/y2qo3h5iFP...

9.8CVSS6AI score0.00569EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2026/04/01 12:0 a.m.4 views

CVE-2026-30643

An issue was discovered in DedeCMS 5.7.118 allowing attackers to execute code via crafted setup tag values in a module upload...

6AI score0.00569EPSS
Exploits1References2
Cvelist
Cvelist
added 2026/04/01 12:0 a.m.29 views

CVE-2026-30643

An issue was discovered in DedeCMS 5.7.118 allowing attackers to execute code via crafted setup tag values in a module upload...

0.00569EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2026/03/26 3:18 p.m.7 views

CVE-2026-29839

DedeCMS v5.7.118 was discovered to contain a Cross-Site Request Forgery CSRF vulnerability in /systaskadd.php...

8.8CVSS5.8AI score0.00138EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/26 3:18 p.m.6 views

CVE-2026-30694

An issue in DedeCMS v.5.7.118 and before allows a remote attacker to execute arbitrary code via the arrayfilter component...

9.8CVSS6.2AI score0.0068EPSS
Exploits1References1
EUVD
EUVD
added 2026/03/24 6:31 p.m.5 views

EUVD-2026-14903

DedeCMS v5.7.118 was discovered to contain a Cross-Site Request Forgery CSRF vulnerability in /systaskadd.php...

8.8CVSS5.8AI score0.00138EPSS
Exploits0References3
Rows per page
Query Builder