CVE-2024-4589

CVE-2024-4589 affects DedeCMS 5.7, with vulnerability in the file /src/dede/mytag_edit.php leading to cross-site request forgery. The initial descriptions indicate a remote, publicly disclosed exploit and a non-specified impact on confidentiality and integrity, limited to CSRF (I:L) and no availa...

CVE-2024-4589 DedeCMS mytag_edit.php cross-site request forgery

A vulnerability was found in DedeCMS 5.7. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /src/dede/mytagedit.php. The manipulation leads to cross-site request forgery. The attack can be launched remotely. The exploit has been disclosed ...

CVE-2024-4588

CVE-2024-4588 affects DedeCMS 5.7, with a CSRF flaw in /src/dede/mytag_add.php. The vulnerability is exploitable remotely and has publicly disclosed exploit information. Affected function is unspecified; vendor fix/version not clearly documented in the provided sources. Reports from multiple feed...

CVE-2024-4588 DedeCMS mytag_add.php cross-site request forgery

A vulnerability was found in DedeCMS 5.7. It has been classified as problematic. Affected is an unknown function of the file /src/dede/mytagadd.php. The manipulation leads to cross-site request forgery. It is possible to launch the attack remotely. The exploit has been disclosed to the public and...

CVE-2024-4587

CVE-2024-4587 affects DedeCMS 5.7, with CSRF in /src/dede/tpl.php. The vulnerability can be triggered remotely; exploitation has been disclosed publicly. Documents do not specify a patch or official remediation. A PT Security advisory suggests restricting access to the affected file as a temporar...

CVE-2024-4586 DedeCMS shops_delivery.php cross-site request forgery

A vulnerability has been found in DedeCMS 5.7 and classified as problematic. This vulnerability affects unknown code of the file /src/dede/shopsdelivery.php. The manipulation leads to cross-site request forgery. The attack can be initiated remotely. The exploit has been disclosed to the public an...

CVE-2024-4585

A vulnerability, which was classified as problematic, was found in DedeCMS 5.7. This affects an unknown part of the file /src/dede/membertype.php. The manipulation leads to cross-site request forgery. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and...

CVE-2024-4585 DedeCMS member_type.php cross-site request forgery

A vulnerability, which was classified as problematic, was found in DedeCMS 5.7. This affects an unknown part of the file /src/dede/membertype.php. The manipulation leads to cross-site request forgery. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and...

CVE-2024-4585 DedeCMS member_type.php cross-site request forgery

A vulnerability, which was classified as problematic, was found in DedeCMS 5.7. This affects an unknown part of the file /src/dede/membertype.php. The manipulation leads to cross-site request forgery. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and...

CVE-2024-4585

CVE-2024-4585 affects DedeCMS 5.7, with the vulnerability located in the file /src/dede/member_type.php. The issue is described as a cross-site request forgery (CSRF) that can be initiated remotely and for which exploits have been disclosed to the public. Multiple sources in the connected documen...

PT-2024-22953 · Dedecms · Dedecms

Name of the Vulnerable Software and Affected Versions: DedeCMS version 5.7 Description: A Cross Site Scripting issue allows a local attacker to execute arbitrary code by sending a crafted payload to the "stepselect main.php" component. Recommendations: For DedeCMS version 5.7, at the moment, ther...

CVE-2024-3146

A vulnerability classified as problematic has been found in DedeCMS 5.7. This affects an unknown part of the file /src/dede/makehtmlrssaction.php. The manipulation leads to cross-site request forgery. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and...

CVE-2024-3147

A vulnerability classified as problematic was found in DedeCMS 5.7. This vulnerability affects unknown code of the file /src/dede/makehtmlmap.php. The manipulation leads to cross-site request forgery. The attack can be initiated remotely. The exploit has been disclosed to the public and may be...

CVE-2024-3144

A vulnerability was found in DedeCMS 5.7. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /src/dede/makehtmlspec.php. The manipulation leads to cross-site request forgery. The attack can be launched remotely. The exploit has been disclos...

CVE-2024-3144

A vulnerability was found in DedeCMS 5.7. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /src/dede/makehtmlspec.php. The manipulation leads to cross-site request forgery. The attack can be launched remotely. The exploit has been disclos...

CVE-2024-3147

CVE-2024-3147 affects DedeCMS 5.7, with the vulnerable element in the file /src/dede/makehtml_map.php. The issue is a cross-site request forgery that can be triggered remotely, and public exploitation has been disclosed. The vulnerability has been consistently described across sources (NVD, CVE r...

CVE-2024-3147 DedeCMS makehtml_map.php cross-site request forgery

A vulnerability classified as problematic was found in DedeCMS 5.7. This vulnerability affects unknown code of the file /src/dede/makehtmlmap.php. The manipulation leads to cross-site request forgery. The attack can be initiated remotely. The exploit has been disclosed to the public and may be...

CVE-2024-3146 DedeCMS makehtml_rss_action.php cross-site request forgery

A vulnerability classified as problematic has been found in DedeCMS 5.7. This affects an unknown part of the file /src/dede/makehtmlrssaction.php. The manipulation leads to cross-site request forgery. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and...

CVE-2024-3145 DedeCMS makehtml_js_action.php cross-site request forgery

A vulnerability was found in DedeCMS 5.7. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /src/dede/makehtmljsaction.php. The manipulation leads to cross-site request forgery. The attack may be launched remotely. The exploit has been disclosed to...

CVE-2024-3145

CVE-2024-3145 affects DedeCMS 5.7, specifically the /src/dede/makehtml_js_action.php component. The root cause is a cross-site request forgery (CSRF) vulnerability that can be triggered remotely, with public exploit disclosures noted. Multiple sources (NVD/CVE records) classify the issue as MEDIU...