Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 3:33 a.m.10 views

CVE-2023-27709

SQL injection vulnerability found in DedeCMS v.5.7.106 allows a remote attacker to execute arbitrary code via the rank parameter in the /dedestorycatalog.php endpoint...

7.2CVSS8.6AI score0.01297EPSS
Exploits1References1
OpenVAS
OpenVAS
added 2023/03/17 12:0 a.m.14 views

DedeCMS 5.x SQL Injection Vulnerability (CVE-2023-27709)

DedeCMS is prone to an SQL injection vulnerability. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:dedecms:dedecms"; if...

7.2CVSS7.4AI score0.01297EPSS
Exploits1References1
NVD
NVD
added 2023/03/16 3:15 p.m.12 views

CVE-2023-27709

SQL injection vulnerability found in DedeCMS v.5.7.106 allows a remote attacker to execute arbitrary code via the rank parameter in the /dedestorycatalog.php endpoint...

7.2CVSS7.4AI score0.01297EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2023/03/16 12:0 a.m.7 views

CVE-2023-27709

SQL injection vulnerability found in DedeCMS v.5.7.106 allows a remote attacker to execute arbitrary code via the rank parameter in the /dedestorycatalog.php endpoint...

7.4AI score0.01297EPSS
Exploits1References1
CVE
CVE
added 2023/03/16 12:0 a.m.57 views

CVE-2023-27709

Summary (CVE-2023-27709): DedeCMS 5.x vulnerable to SQL injection through the rank_* parameter in the /dedestory_catalog.php endpoint (DedeCMS v5.7.106). This could allow a remote attacker to execute arbitrary code. The CVSSv3.1 base score is 7.2 (HIGH). Affected software: DedeCMS v5.7.106 (and 5...

7.2CVSS7.4AI score0.01297EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder