7 matches found
CVE-2023-49492
DedeCMS v5.7.111 was discovered to contain a reflective cross-site scripting XSS vulnerability via the imgstick parameter at selectimages.php...
CVE-2023-49492
DedeCMS v5.7.111 was discovered to contain a reflective cross-site scripting XSS vulnerability via the imgstick parameter at selectimages.php...
Cross site scripting
DedeCMS v5.7.111 was discovered to contain a reflective cross-site scripting XSS vulnerability via the imgstick parameter at selectimages.php...
Desdev DedeCMS Security Breach
Desdev DedeCMS Dream Weaving Content Management System is a PHP-based open-source content management system CMS of China Zhuozhuo network Desdev company. The system has the functions of content publishing, content management, content editing and content retrieval. A security vulnerability exists ...
CVE-2023-49492
DedeCMS v5.7.111 was discovered to contain a reflective cross-site scripting XSS vulnerability via the imgstick parameter at selectimages.php...
PT-2023-31245 · Dedecms · Dedecms
Name of the Vulnerable Software and Affected Versions: DedeCMS version 5.7.111 Description: A reflective cross-site scripting XSS issue was discovered in DedeCMS. The vulnerability is exploited via the imgstick parameter at the "selectimages.php" endpoint. This allows for malicious scripts to be...
CVE-2023-49492
CVE-2023-49492 affects DedeCMS v5.7.111 with a reflective XSS vulnerability exploitable via the imgstick parameter on selectimages.php. Root cause: improper input handling in the imgstick parameter leading to script injection. Impact as stated: cross-site scripting risk; no exploit details provid...