2 matches found
Remote code execution
DedeBIZ v6.2.11 was discovered to contain multiple remote code execution RCE vulnerabilities at /admin/filemanagecontrol.php via the $activepath and $filename parameters...
CVE-2023-43232
A stored cross-site scripting XSS vulnerability in the Website column management function of DedeBIZ v6.2.11 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the title parameter...