Lucene search
K

5 matches found

NVD
NVD
added 2024/05/28 8:16 p.m.27 views

CVE-2024-35510

An arbitrary file upload vulnerability in /dede/filemanagecontrol.php of DedeCMS v5.7.114 allows attackers to execute arbitrary code via uploading a crafted file...

9.8CVSS6.7AI score0.00729EPSS
Exploits1References1
NVD
NVD
added 2024/05/14 3:38 p.m.12 views

CVE-2024-34245

An arbitrary file read vulnerability in DedeCMS v5.7.114 allows authenticated attackers to read arbitrary files by specifying any path in makehtmljsaction.php...

6.5CVSS6.2AI score0.00818EPSS
Exploits1References1
CVE
CVE
added 2024/05/10 4:19 p.m.84 views

CVE-2024-34245

DedeCMS 5.7.114 is affected by an authenticated arbitrary file-read vulnerability in makehtml_js_action.php. The root cause is insufficient validation of a supplied path, enabling an attacker with basic access rights to read arbitrary server files. Impact is high on confidentiality (C:H in CVSS) ...

6.5CVSS6.6AI score0.00818EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2024/05/06 12:0 a.m.26 views

CVE-2024-33749

DedeCMS V5.7.114 is vulnerable to deletion of any file via mailfilemanage.php...

6.8AI score0.00646EPSS
Exploits1References1
CVE
CVE
added 2024/05/06 12:0 a.m.64 views

CVE-2024-33749

Summary of CVE-2024-33749 : DedeCMS v5.7.114 is vulnerable to deletion of any file via the mail_file_manage.php script. The vulnerability enables unauthorized file deletion, with CVSSv3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H (base score 9.1, CRITICAL) indicating high impact on integrity and availa...

9.1CVSS6.8AI score0.00646EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder