CVE-2023-49494

DedeCMS v5.7.111 was discovered to contain a reflective cross-site scripting XSS vulnerability via the component selectmediapostwangEditor.php...

CVE-2023-49494

DedeCMS v5.7.111 was discovered to contain a reflective cross-site scripting XSS vulnerability via the component selectmediapostwangEditor.php...

Cross site scripting

DedeCMS v5.7.111 was discovered to contain a reflective cross-site scripting XSS vulnerability via the component selectmediapostwangEditor.php...

PT-2023-31247 · Dedecms · Dedecms

Name of the Vulnerable Software and Affected Versions: DedeCMS version 5.7.111 Description: A reflective cross-site scripting XSS issue was discovered in DedeCMS via the component select media post wangEditor.php. This allows for potential XSS attacks. Recommendations: For DedeCMS version 5.7.111...

Desdev DedeCMS Security Breach

Desdev DedeCMS Dream Weaving Content Management System is a PHP-based open-source content management system CMS of China Zhuozhuo network Desdev company. The system has the functions of content publishing, content management, content editing and content retrieval. A security vulnerability exists ...

CVE-2023-30380

An issue in the component /dialog/selectmedia.php of DedeCMS v5.7.107 allows attackers to execute a directory traversal...

PT-2023-2990 · Dedecms · Dedecms

Name of the Vulnerable Software and Affected Versions: DedeCMS version 5.7.107 Description: The issue is related to a directory traversal vulnerability in the /dialog/select media.php component of DedeCMS. This vulnerability is caused by incorrect restriction of the path name to a directory with...

Woven dream management system Background The find-a vulnerability warning-the black bar safety net

Sometimes in the by injection to give the weave the dream program's administrative password, but found that can't find the backend address. This time we can try the following in the address followed by: the/include/dialog/selectmedia. php? f=form1. murl But not necessarily pass to kill it.. By:th...