17 matches found
CVE-2024-52769
An arbitrary file upload vulnerability in the component /admin/friendlinkedit of DedeBIZ v6.3.0 allows attackers to execute arbitrary code via uploading a crafted file...
CVE-2024-52770
An arbitrary file upload vulnerability in the component /admin/filemanagecontrol of DedeBIZ v6.3.0 allows attackers to execute arbitrary code via uploading a crafted file...
CVE-2024-52771
DedeBIZ v6.3.0 was discovered to contain an arbitrary file deletion vulnerability via the component /admin/filemanageview...
CVE-2024-52771
DedeBIZ v6.3.0 was discovered to contain an arbitrary file deletion vulnerability via the component /admin/filemanageview...
CVE-2024-52769
An arbitrary file upload vulnerability in the component /admin/friendlinkedit of DedeBIZ v6.3.0 allows attackers to execute arbitrary code via uploading a crafted file...
CVE-2024-52769
An arbitrary file upload vulnerability in the component /admin/friendlinkedit of DedeBIZ v6.3.0 allows attackers to execute arbitrary code via uploading a crafted file...
CVE-2024-52771
DedeBIZ v6.3.0 was discovered to contain an arbitrary file deletion vulnerability via the component /admin/filemanageview...
CVE-2024-52770
An arbitrary file upload vulnerability in the component /admin/filemanagecontrol of DedeBIZ v6.3.0 allows attackers to execute arbitrary code via uploading a crafted file...
CVE-2024-52771
CVE-2024-52771 : DedeBIZ v6.3.0 is affected by an arbitrary file deletion vulnerability in the /admin/file_manage_view component. The issue, assigned a CVSS v3.1 base score of 9.1 (CRITICAL; Network attack vector; no user interaction; I/H/A : integrity/high, availability/high, confidentiality non...
CVE-2024-52769
CVE-2024-52769 affects DedeBIZ v6.3.0 with an arbitrary file upload vulnerability in the /admin/friendlink_edit endpoint (also referenced as /admin/friendlink edit). Exploitation allows attackers to execute arbitrary code via a crafted file. The NVD entry cites CVSSv3.1: AV:N/AC:L/PR:H/UI:N/S:U/C...
CVE-2024-52770
CVE-2024-52770 affects DedeBIZ v6.3.0 in the component used for file uploads (notably /admin/file_manage_control, and variants like /admin/file manage control). The vulnerability allows an attacker to upload a crafted file to achieve arbitrary code execution on the server. CVSS 3.1 base score is ...
CVE-2024-52770
An arbitrary file upload vulnerability in the component /admin/filemanagecontrol of DedeBIZ v6.3.0 allows attackers to execute arbitrary code via uploading a crafted file...
CVE-2024-44716
A cross-site scripting XSS vulnerability in DedeBIZ v6.3.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload...
CVE-2024-44717
A cross-site scripting XSS vulnerability in DedeBIZ v6.3.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload...
CVE-2024-44716
A cross-site scripting XSS vulnerability in DedeBIZ v6.3.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload...
CVE-2024-44717
A cross-site scripting XSS vulnerability in DedeBIZ v6.3.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload...
CVE-2024-44716
CVE-2024-44716 concerns DedeBIZ v6.3.0 with a cross-site scripting (XSS) vulnerability that allows an attacker to execute arbitrary web scripts or HTML via a crafted payload. The CVE entry in NVD lists a CVSSv3.1 base score of 6.1 (Medium) with AV:N, AC:L, PR:N, UI:R, S:C, C:L, I:L, A:N, indicati...