17 matches found
EUVD-2024-48747
Malicious code in bioql PyPI...
CVE-2024-0557
A vulnerability, which was classified as problematic, was found in DedeBIZ 6.3.0. This affects an unknown part of the component Website Copyright Setting. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public a...
CVE-2024-7906 DedeBIZ Attachment Settings select_images_post.php get_mime_type unrestricted upload
A vulnerability classified as critical was found in DedeBIZ 6.3.0. This vulnerability affects the function getmimetype of the file /admin/dialog/selectimagespost.php of the component Attachment Settings. The manipulation of the argument upload leads to unrestricted upload. The attack can be...
CVE-2024-7906
DedeBIZ 6.3.0 is affected, specifically the Attachment Settings component. The vulnerability lies in the get_mime_type function of /admin/dialog/select_images_post.php, where manipulating the upload parameter enables unrestricted file uploads. This can be exploited remotely, and the exploit has b...
CVE-2024-7905
A vulnerability classified as critical has been found in DedeBIZ 6.3.0. This affects the function AdminUpload of the file admin/archivesdo.php. The manipulation of the argument litpic leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been disclosed to t...
CVE-2024-7905 DedeBIZ archives_do.php AdminUpload unrestricted upload
A vulnerability classified as critical has been found in DedeBIZ 6.3.0. This affects the function AdminUpload of the file admin/archivesdo.php. The manipulation of the argument litpic leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been disclosed to t...
CVE-2024-7905 DedeBIZ archives_do.php AdminUpload unrestricted upload
A vulnerability classified as critical has been found in DedeBIZ 6.3.0. This affects the function AdminUpload of the file admin/archivesdo.php. The manipulation of the argument litpic leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been disclosed to t...
CVE-2024-7904
A vulnerability was found in DedeBIZ 6.3.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file admin/filemanagecontrol.php of the component File Extension Handler. The manipulation of the argument upfile1 leads to unrestricted upload. The attack may be...
CVE-2024-7904
A vulnerability was found in DedeBIZ 6.3.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file admin/filemanagecontrol.php of the component File Extension Handler. The manipulation of the argument upfile1 leads to unrestricted upload. The attack may be...
CVE-2024-7904 DedeBIZ File Extension file_manage_control.php unrestricted upload
A vulnerability was found in DedeBIZ 6.3.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file admin/filemanagecontrol.php of the component File Extension Handler. The manipulation of the argument upfile1 leads to unrestricted upload. The attack may be...
CVE-2024-7903
A vulnerability was found in DedeBIZ 6.3.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file admin/mediaadd.php of the component File Extension Handler. The manipulation of the argument upfile1 leads to unrestricted upload. The attack can be...
CVE-2024-7903
CVE-2024-7903 affects DedeBIZ 6.3.0. The vulnerability resides in the admin/media_add.php functionality (File Extension Handler): manipulating the upfile1 parameter enables unrestricted file uploads, allowing remote, unauthenticated-like impact as described. Exploitation details are publicly disc...
CVE-2024-0557
A vulnerability, which was classified as problematic, was found in DedeBIZ 6.3.0. This affects an unknown part of the component Website Copyright Setting. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public a...
CVE-2024-0557
A vulnerability, which was classified as problematic, was found in DedeBIZ 6.3.0. This affects an unknown part of the component Website Copyright Setting. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public a...
Cross site scripting
A vulnerability, which was classified as problematic, was found in DedeBIZ 6.3.0. This affects an unknown part of the component Website Copyright Setting. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public a...
CVE-2024-0557
CVE-2024-0557 affects DedeBIZ 6.3.0, specifically the Website Copyright Setting component. The vulnerability enables cross-site scripting and can be exploited remotely; exploitation status is public, and the vendor did not respond to disclosure. Several connected sources confirm the issue and sco...
PT-2024-15657 · Dedebiz · Dedebiz
Name of the Vulnerable Software and Affected Versions: DedeBIZ version 6.3.0 Description: A critical vulnerability has been found in DedeBIZ, affecting unknown code in the file /admin/makehtml freelist action.php. The manipulation of the startid argument leads to SQL injection. The attack can be...