CVE-2024-3147

A vulnerability classified as problematic was found in DedeCMS 5.7. This vulnerability affects unknown code of the file /src/dede/makehtmlmap.php. The manipulation leads to cross-site request forgery. The attack can be initiated remotely. The exploit has been disclosed to the public and may be...

CVE-2024-3146

A vulnerability classified as problematic has been found in DedeCMS 5.7. This affects an unknown part of the file /src/dede/makehtmlrssaction.php. The manipulation leads to cross-site request forgery. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and...

The vulnerability of the file_pic_view.php component in the DedeCMS content management system, related to the lack of protective measures for website structures, allows attackers to carry out XSS attacks.

The vulnerability of the filepicview.php component in the DedeCMS content management system is related to the lack of measures taken to protect the website’s structure. Exploiting this vulnerability allows a malicious actor to perform XSS attacks remotely...

Desdev DedeCMS 跨站脚本漏洞

DedeCMS Dream Weaving Content Management System is a set of simple, robust, flexible, open source several characteristics of open source content management system. DedeCMS has a cross-site scripting vulnerability that can be exploited to inject malicious script code via the filename, mid, userid ...

DedeCMS Cross-Site Scripting Vulnerability (CNVD-2019-01728)

DedeCMS is a PHP-based web content management system CMS. A cross-site scripting vulnerability exists in the /member/uploadsselect.php file in DedeCMS version 5.7 SP2, which can be exploited by a remote attacker with the help of the 'f' or 'keyword' parameter to A remote attacker can use the 'f' ...