4 matches found
CVE-2024-52769
An arbitrary file upload vulnerability in the component /admin/friendlinkedit of DedeBIZ v6.3.0 allows attackers to execute arbitrary code via uploading a crafted file...
CVE-2024-52769
CVE-2024-52769 affects DedeBIZ v6.3.0 with an arbitrary file upload vulnerability in the /admin/friendlink_edit endpoint (also referenced as /admin/friendlink edit). Exploitation allows attackers to execute arbitrary code via a crafted file. The NVD entry cites CVSSv3.1: AV:N/AC:L/PR:H/UI:N/S:U/C...
CVE-2024-2821
A vulnerability, which was classified as problematic, has been found in DedeCMS 5.7. Affected by this issue is some unknown functionality of the file /src/dede/friendlinkedit.php. The manipulation of the argument id leads to cross-site request forgery. The attack may be launched remotely. The...
PT-2024-22336 · Dedecms · Dedecms
Name of the Vulnerable Software and Affected Versions: DedeCMS version 5.7 Description: A problematic issue has been found in DedeCMS, affecting some unknown functionality of the file /src/dede/friendlink edit.php. The manipulation of the id argument leads to cross-site request forgery. The attac...