CVE-2025-12927

A security vulnerability has been detected in DedeBIZ up to 6.3.2. The impacted element is an unknown function of the file /admin/archivesadd.php. Such manipulation of the argument flags leads to sql injection. The attack can be executed remotely. The exploit has been disclosed publicly and may b...

PT-2025-45592

A security vulnerability has been detected in DedeBIZ up to 6.3.2. The impacted element is an unknown function of the file /admin/archives add.php. Such manipulation of the argument flags leads to sql injection. The attack can be executed remotely. The exploit has been disclosed publicly and may ...

DedeBIZ SQL注入漏洞

DedeBIZ is a content management system from China Muyun Intelligence DedeBIZ company. A SQL injection vulnerability exists in DedeBIZ 6.3.2 and earlier versions, which stems from incorrect manipulation of the parameter flags in the file /admin/archivesadd.php, which could lead to a SQL injection...

CVE-2025-1548

A vulnerability was found in iteachyou Dreamer CMS 4.1.3. It has been declared as problematic. This vulnerability affects unknown code of the file /admin/archives/edit. The manipulation of the argument editorValue/answer/content leads to cross site scripting. The attack can be initiated remotely...

Dreamer CMS 代码注入漏洞

Dreamer CMS is a dreamer content management system. Dreamer CMS version 4.1.3 suffers from a cross-site scripting vulnerability that originates from the lack of effective filtering and escaping of user-supplied data in the editorValue, answer and content parameters in the /admin/archives/edit...

DedeBIZ 代码问题漏洞

DedeBIZ is a content management system from China Muyun Intelligence DedeBIZ company. A code issue vulnerability exists in DedeBIZ version 6.3.0, which stems from the parameter litpic in the file admin/archivesdo.php that can lead to unrestricted uploads...

Dreamer CMS Cross-Site Request Forgery Vulnerability (CNVD-2023-9571566)

Dreamer CMS is a dreamer content management system by Junnan Wang, an individual developer in China. A cross-site request forgery vulnerability exists in Dreamer CMS version v4.1.3, which originates from a failure to adequately validate whether a request is from a trusted user in the component...

CVE-2023-48912

Dreamer CMS v4.1.3 was discovered to contain a Cross-Site Request Forgery CSRF via the component /admin/archives/edit...

CVE-2023-48912

Dreamer CMS v4.1.3 was discovered to contain a Cross-Site Request Forgery CSRF via the component /admin/archives/edit...

CVE-2023-48912

Dreamer CMS v4.1.3 was discovered to contain a Cross-Site Request Forgery CSRF via the component /admin/archives/edit...

CVE-2023-48914

Dreamer CMS v4.1.3 was discovered to contain a Cross-Site Request Forgery CSRF via the component /admin/archives/add...

CVE-2023-48913

Dreamer CMS v4.1.3 was discovered to contain a Cross-Site Request Forgery CSRF via the component /admin/archives/delete...

Dreamer CMS Cross-Site Request Forgery Vulnerability

Dreamer CMS is a Dreamer Content Management System by Junnan Wang, an individual developer in China. A cross-site request forgery vulnerability exists in Dreamer CMS version v4.1.3, which stems from a cross-site request forgery CSRF vulnerability contained in the component /admin/archives/edit...

Dreamer CMS 跨站请求伪造漏洞

Dreamer CMS is a dreamer content management system by Junnan Wang, an individual developer in China. A cross-site request forgery vulnerability exists in Dreamer CMS version v4.1.3, which originates from a failure to adequately validate whether a request is from a trusted user in the component...

CVE-2023-48912

Dreamer CMS v4.1.3 contains a Cross-Site Request Forgery (CSRF) vulnerability in the /admin/archives/edit component. The CVE entry ties the issue to Dreamer CMS and specifies CSRF as the flaw, but the provided documents do not include a confirmed remediation (patch/version) or exploitation detail...

CVE-2023-48914

Affected software: Dreamer CMS v4.1.3. Vulnerability: Cross-Site Request Forgery (CSRF) in the /admin/archives/add component. The root cause is insufficient validation of whether a request originates from a trusted user, enabling an attacker to forge a malicious request that tricks a victim into ...

CVE-2023-48912

Dreamer CMS v4.1.3 was discovered to contain a Cross-Site Request Forgery CSRF via the component /admin/archives/edit...

Dreamer CMS 跨站请求伪造漏洞

Dreamer CMS is a dreamer content management system. A cross-site request forgery vulnerability exists in Dreamer CMS v4.1.3, which stems from the component /admin/archives/delete not adequately verifying whether a request comes from a trusted user, and can be exploited by an attacker to forge a...