Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

25 matches found

NVD
NVDadded 2025/12/29 8:15 p.m.3 views

CVE-2024-30855

DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery CSRF vulnerability via /src/dede/makehtmllistaction.php...

8.8CVSS0.00193EPSS
Exploits1References2
OSV
OSVadded 2024/05/07 1:15 p.m.2 views

CVE-2024-4589

A vulnerability was found in DedeCMS 5.7. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /src/dede/mytagedit.php. The manipulation leads to cross-site request forgery. The attack can be launched remotely. The exploit has been disclosed ...

4.3CVSS4.6AI score0.0042EPSS
Exploits1References4
Positive Technologies
Positive Technologiesadded 2024/05/07 12:0 a.m.4 views

PT-2024-31839 · Dedecms · Dedecms

Name of the Vulnerable Software and Affected Versions: DedeCMS version 5.7 Description: A vulnerability was found in DedeCMS, affecting an unknown functionality of the file /src/dede/mytag edit.php. This issue leads to cross-site request forgery and can be launched remotely. Recommendations: For...

5CVSS4.9AI score0.0042EPSS
Exploits1References7
Positive Technologies
Positive Technologiesadded 2024/05/07 12:0 a.m.2 views

PT-2024-31832 · Dedecms · Dedecms

Name of the Vulnerable Software and Affected Versions: DedeCMS version 5.7 Description: A problematic issue was found in DedeCMS, affecting an unknown function of the file /src/dede/mytag add.php. This issue leads to cross-site request forgery and can be exploited remotely. Recommendations: For...

5CVSS4.9AI score0.0042EPSS
Exploits1References7
OSV
OSVadded 2024/04/22 12:15 p.m.3 views

CVE-2024-29661

A File Upload vulnerability in DedeCMS v5.7 allows a local attacker to execute arbitrary code via a crafted payload...

9.8CVSS6.1AI score0.00674EPSS
Exploits0References1
Positive Technologies
Positive Technologiesadded 2024/04/02 12:0 a.m.2 views

PT-2024-24077 · Dedecms · Dedecms

Name of the Vulnerable Software and Affected Versions: DedeCMS version 5.7 Description: A vulnerability was found in DedeCMS, affecting an unknown functionality of the file /src/dede/makehtml spec.php. The manipulation leads to cross-site request forgery. The attack can be launched remotely. The...

5CVSS4.9AI score0.00419EPSS
Exploits1References7
Positive Technologies
Positive Technologiesadded 2024/04/02 12:0 a.m.3 views

PT-2024-24101 · Dedecms · Dedecms

Name of the Vulnerable Software and Affected Versions: DedeCMS version 5.7 Description: A problematic vulnerability was found in DedeCMS, affecting unknown code of the file /src/dede/makehtml map.php. This issue leads to cross-site request forgery and can be initiated remotely. The exploit has be...

5CVSS5AI score0.00406EPSS
Exploits1References7
OSV
OSVadded 2024/03/22 4:15 p.m.1 views

CVE-2024-2820

A vulnerability classified as problematic was found in DedeCMS 5.7. Affected by this vulnerability is an unknown functionality of the file /src/dede/baidunews.php. The manipulation of the argument filename leads to cross-site request forgery. The attack can be launched remotely. The exploit has...

4.3CVSS4.8AI score0.0039EPSS
Exploits1References3
OSV
OSVadded 2024/03/22 4:15 p.m.3 views

CVE-2024-2821

A vulnerability, which was classified as problematic, has been found in DedeCMS 5.7. Affected by this issue is some unknown functionality of the file /src/dede/friendlinkedit.php. The manipulation of the argument id leads to cross-site request forgery. The attack may be launched remotely. The...

4.3CVSS5AI score0.00397EPSS
Exploits1References3
OSV
OSVadded 2024/03/13 4:15 p.m.1 views

CVE-2024-28678

DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery CSRF vulnerability via the component /dede/articledescriptionmain.php...

6.3CVSS6.5AI score0.00233EPSS
Exploits1References1
OSV
OSVadded 2024/03/13 4:15 p.m.2 views

CVE-2024-28670

DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery CSRF vulnerability via /dede/freelistmain.php...

6.1CVSS6.6AI score0.00242EPSS
Exploits1References1
OSV
OSVadded 2024/03/13 1:15 p.m.2 views

CVE-2024-28429

DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery CSRF vulnerability via the component /dede/archivesdo.php...

5.5CVSS5.8AI score0.00205EPSS
Exploits1References1
CNNVD
CNNVDadded 2024/03/13 12:0 a.m.3 views

Desdev DedeCMS Security Breach

Desdev DedeCMS Dream Weaving Content Management System is a PHP-based open-source content management system CMS of China Zhuozhuo network Desdev company. The system has the functions of content publishing, content management, content editing and content retrieval. A security vulnerability exists ...

6.1CVSS6AI score0.00472EPSS
Exploits1References2
Positive Technologies
Positive Technologiesadded 2024/03/13 12:0 a.m.2 views

PT-2024-22507 · Dedecms · Dedecms

Name of the Vulnerable Software and Affected Versions: DedeCMS version 5.7 Description: A Cross-Site Request Forgery CSRF issue was found in the /dede/media add.php component. This allows an attacker to perform unintended actions on the web application. Recommendations: For DedeCMS version 5.7, a...

5.5CVSS6.8AI score0.00195EPSS
Exploits1References4
Positive Technologies
Positive Technologiesadded 2024/03/13 12:0 a.m.3 views

PT-2024-22526 · Dedecms · Dedecms

Name of the Vulnerable Software and Affected Versions: DedeCMS version 5.7 Description: A Cross-Site Request Forgery CSRF issue was found in the component /dede/module main.php. Recommendations: For DedeCMS version 5.7, as a temporary workaround, consider restricting access to the /dede/module...

8.8CVSS7.1AI score0.00323EPSS
Exploits1References3
Positive Technologies
Positive Technologiesadded 2024/03/13 12:0 a.m.2 views

PT-2024-22514 · Dedecms · Dedecms

Name of the Vulnerable Software and Affected Versions: DedeCMS version 5.7 Description: A Cross-Site Request Forgery CSRF issue was found in DedeCMS. The issue is related to the "/dede/media edit.php" endpoint. Recommendations: For DedeCMS version 5.7, as a temporary workaround, consider...

5.4CVSS6.8AI score0.00229EPSS
Exploits1References5
Positive Technologies
Positive Technologiesadded 2024/03/13 12:0 a.m.2 views

PT-2024-22519 · Dedecms · Dedecms

Name of the Vulnerable Software and Affected Versions: DedeCMS version 5.7 Description: A Cross-Site Request Forgery CSRF issue was found in DedeCMS via the component /dede/article description main.php. This allows an attacker to perform unintended actions on the website. Recommendations: For...

6.3CVSS6.8AI score0.00233EPSS
Exploits1References5
CNNVD
CNNVDadded 2024/03/13 12:0 a.m.4 views

Desdev DedeCMS Security Breach

Desdev DedeCMS Dream Weaving Content Management System is a PHP-based open-source content management system CMS of China Zhuozhuo network Desdev company. The system has the functions of content publishing, content management, content editing and content retrieval. A security vulnerability exists ...

6.1CVSS6.8AI score0.00209EPSS
Exploits1References2
ATTACKERKB
ATTACKERKBadded 2023/09/12 3:15 p.m.3 views

CVE-2023-40784

DedeCMS 5.7.102 has a File Upload vulnerability via uploads/dede/modulemake.php...

9.8CVSS7.3AI score0.00561EPSS
Exploits0References2
OSV
OSVadded 2021/06/16 4:15 p.m.2 views

CVE-2020-22198

SQL Injection vulnerability in DedeCMS 5.7 via mdescription parameter to member/ajaxmembergroup.php...

9.8CVSS5.8AI score0.01712EPSS
Exploits1References2
Rows per page
Query Builder