Lucene search
K

17 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 6:41 a.m.8 views

CVE-2024-52769

An arbitrary file upload vulnerability in the component /admin/friendlinkedit of DedeBIZ v6.3.0 allows attackers to execute arbitrary code via uploading a crafted file...

7.2CVSS7.3AI score0.007EPSS
Exploits1References1
NVD
NVD
added 2024/11/20 5:15 p.m.13 views

CVE-2024-52770

An arbitrary file upload vulnerability in the component /admin/filemanagecontrol of DedeBIZ v6.3.0 allows attackers to execute arbitrary code via uploading a crafted file...

9.8CVSS0.00791EPSS
Exploits1References2
NVD
NVD
added 2024/11/20 5:15 p.m.18 views

CVE-2024-52771

DedeBIZ v6.3.0 was discovered to contain an arbitrary file deletion vulnerability via the component /admin/filemanageview...

9.1CVSS0.00648EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2024/11/20 12:0 a.m.13 views

CVE-2024-52771

DedeBIZ v6.3.0 was discovered to contain an arbitrary file deletion vulnerability via the component /admin/filemanageview...

7.7AI score0.00648EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2024/11/20 12:0 a.m.11 views

CVE-2024-52769

An arbitrary file upload vulnerability in the component /admin/friendlinkedit of DedeBIZ v6.3.0 allows attackers to execute arbitrary code via uploading a crafted file...

7.8AI score0.007EPSS
Exploits1References2
Cvelist
Cvelist
added 2024/11/20 12:0 a.m.12 views

CVE-2024-52769

An arbitrary file upload vulnerability in the component /admin/friendlinkedit of DedeBIZ v6.3.0 allows attackers to execute arbitrary code via uploading a crafted file...

0.007EPSS
Exploits1References2
Cvelist
Cvelist
added 2024/11/20 12:0 a.m.13 views

CVE-2024-52771

DedeBIZ v6.3.0 was discovered to contain an arbitrary file deletion vulnerability via the component /admin/filemanageview...

0.00648EPSS
Exploits1References2
Cvelist
Cvelist
added 2024/11/20 12:0 a.m.17 views

CVE-2024-52770

An arbitrary file upload vulnerability in the component /admin/filemanagecontrol of DedeBIZ v6.3.0 allows attackers to execute arbitrary code via uploading a crafted file...

0.00791EPSS
Exploits1References2
CVE
CVE
added 2024/11/20 12:0 a.m.56 views

CVE-2024-52771

CVE-2024-52771 : DedeBIZ v6.3.0 is affected by an arbitrary file deletion vulnerability in the /admin/file_manage_view component. The issue, assigned a CVSS v3.1 base score of 9.1 (CRITICAL; Network attack vector; no user interaction; I/H/A : integrity/high, availability/high, confidentiality non...

9.1CVSS7.7AI score0.00648EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2024/11/20 12:0 a.m.66 views

CVE-2024-52769

CVE-2024-52769 affects DedeBIZ v6.3.0 with an arbitrary file upload vulnerability in the /admin/friendlink_edit endpoint (also referenced as /admin/friendlink edit). Exploitation allows attackers to execute arbitrary code via a crafted file. The NVD entry cites CVSSv3.1: AV:N/AC:L/PR:H/UI:N/S:U/C...

7.2CVSS8AI score0.007EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2024/11/20 12:0 a.m.67 views

CVE-2024-52770

CVE-2024-52770 affects DedeBIZ v6.3.0 in the component used for file uploads (notably /admin/file_manage_control, and variants like /admin/file manage control). The vulnerability allows an attacker to upload a crafted file to achieve arbitrary code execution on the server. CVSS 3.1 base score is ...

9.8CVSS8AI score0.00791EPSS
Exploits1References2Affected Software1
Vulnrichment
Vulnrichment
added 2024/11/20 12:0 a.m.8 views

CVE-2024-52770

An arbitrary file upload vulnerability in the component /admin/filemanagecontrol of DedeBIZ v6.3.0 allows attackers to execute arbitrary code via uploading a crafted file...

7.8AI score0.00791EPSS
Exploits1References2
NVD
NVD
added 2024/08/29 6:15 p.m.15 views

CVE-2024-44716

A cross-site scripting XSS vulnerability in DedeBIZ v6.3.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload...

6.1CVSS0.0027EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/08/29 12:0 a.m.9 views

CVE-2024-44717

A cross-site scripting XSS vulnerability in DedeBIZ v6.3.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload...

5.8AI score0.0027EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/08/29 12:0 a.m.14 views

CVE-2024-44716

A cross-site scripting XSS vulnerability in DedeBIZ v6.3.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload...

5.8AI score0.0027EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/08/29 12:0 a.m.17 views

CVE-2024-44717

A cross-site scripting XSS vulnerability in DedeBIZ v6.3.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload...

0.0027EPSS
Exploits0References2
CVE
CVE
added 2024/08/29 12:0 a.m.56 views

CVE-2024-44716

CVE-2024-44716 concerns DedeBIZ v6.3.0 with a cross-site scripting (XSS) vulnerability that allows an attacker to execute arbitrary web scripts or HTML via a crafted payload. The CVE entry in NVD lists a CVSSv3.1 base score of 6.1 (Medium) with AV:N, AC:L, PR:N, UI:R, S:C, C:L, I:L, A:N, indicati...

6.1CVSS5.8AI score0.0027EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder