CVE-2024-7905

A vulnerability classified as critical has been found in DedeBIZ 6.3.0. This affects the function AdminUpload of the file admin/archivesdo.php. The manipulation of the argument litpic leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been disclosed to t...

CVE-2024-7905 DedeBIZ archives_do.php AdminUpload unrestricted upload

A vulnerability classified as critical has been found in DedeBIZ 6.3.0. This affects the function AdminUpload of the file admin/archivesdo.php. The manipulation of the argument litpic leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been disclosed to t...

DedeBIZ 代码问题漏洞

DedeBIZ is a content management system from China Muyun Intelligence DedeBIZ company. A code issue vulnerability exists in DedeBIZ version 6.3.0, which stems from the parameter litpic in the file admin/archivesdo.php that can lead to unrestricted uploads...

PT-2023-17465 · Eyoucms · Eyoucms

Name of the Vulnerable Software and Affected Versions: EyouCms version 1.5.4 Description: A problematic issue was found in the New Picture Handler component, specifically in the file login.php, where an unknown function is affected. The manipulation of the litpic loca argument leads to cross-site...

DedeCMS File Upload Vulnerability (CNVD-2018-10173)

Desdev DedeCMS Dream Weaving Content Management System is China's Zhuozhuo network Desdev Technology Co., Ltd. of a set of open-source set of content publishing, editing, management and retrieval is equal to one of the PHP Web site content management system CMS. A security vulnerability exists in...

CVE-2018-10375

A file uploading vulnerability exists in /include/helpers/upload.helper.php in DedeCMS V5.7 SP2, which can be utilized by attackers to upload and execute arbitrary PHP code via the /dede/archivesdo.php?dopost=uploadLitpic litpic parameter when "Content-Type: image/jpeg" is sent, but the filename...