CVE-2024-30855

DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery CSRF vulnerability via /src/dede/makehtmllistaction.php...

CVE-2024-30855

DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery CSRF vulnerability via /src/dede/makehtmllistaction.php...

CVE-2024-30855

DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery CSRF vulnerability via /src/dede/makehtmllistaction.php...

PT-2025-53785

Name of the Vulnerable Software and Affected Versions DedeCMS version 5.7 Description The software contains a Cross-Site Request Forgery CSRF issue. The vulnerability is located in the /src/dede/makehtml list action.php endpoint. A malicious actor can potentially cause a user to perform unintende...

CVE-2024-30855

DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery CSRF vulnerability via /src/dede/makehtmllistaction.php...

CVE-2024-30855

DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery CSRF vulnerability via /src/dede/makehtmllistaction.php...

CVE-2024-30855

DedeCMS v5.7 is identified as affected by a Cross-Site Request Forgery (CSRF) vulnerability in the endpoint /src/dede/makehtml_list_action.php. The CVE record notes a high-severity issue (CVSS v3.1: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H) with user interaction required, indicating potential impact t...

DesDev DedeCMS 安全漏洞

DesDev DedeCMS Dream Weaving Content Management System is a PHP-based open-source content management system CMS from China's Zhuozhuo DesDev. The system features content publishing, content management, content editing and content retrieval. DesDev DedeCMS v5.7 version of a security vulnerability ...

CVE-2024-33371

Cross Site Scripting vulnerability in DedeCMS v.5.7.113 allows a remote attacker to execute arbitrary code via the typeid parameter in the makehtmllistaction.php component...

PT-2024-25219 · Dedecms · Dedecms

Name of the Vulnerable Software and Affected Versions: DedeCMS version 5.7.113 Description: The issue allows a remote attacker to execute arbitrary code via the typeid parameter in the makehtml list action.php component. This is a Cross Site Scripting vulnerability. Recommendations: For DedeCMS...

CVE-2024-3148

A vulnerability, which was classified as critical, has been found in DedeCMS 5.7.112. This issue affects some unknown processing of the file dede/makehtmlarchivesaction.php. The manipulation leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public...

CVE-2024-3147

A vulnerability classified as problematic was found in DedeCMS 5.7. This vulnerability affects unknown code of the file /src/dede/makehtmlmap.php. The manipulation leads to cross-site request forgery. The attack can be initiated remotely. The exploit has been disclosed to the public and may be...

CVE-2024-3145

A vulnerability was found in DedeCMS 5.7. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /src/dede/makehtmljsaction.php. The manipulation leads to cross-site request forgery. The attack may be launched remotely. The exploit has been disclosed to...

PT-2024-24091 · Dedecms · Dedecms

Name of the Vulnerable Software and Affected Versions: DedeCMS version 5.7 Description: A problematic issue has been found in DedeCMS, affecting an unknown part of the file /src/dede/makehtml rss action.php. This issue leads to cross-site request forgery and can be initiated remotely. The exploit...

PT-2024-24112 · Dedecms · Dedecms

Name of the Vulnerable Software and Affected Versions: DedeCMS version 5.7.112 Description: A critical issue has been found in the processing of the file dede/makehtml archives action.php, leading to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public...

CVE-2024-29684

DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery CSRF via the component /src/dede/makehtmlhomepage.php allowing a remote attacker to execute arbitrary code...

DedeCMS 安全漏洞

Desdev DedeCMS Dream Weaving Content Management System is a PHP-based open-source content management system CMS of China Zhuozhuo network Desdev company. The system has content publishing, content management, content editing and content retrieval functions. A security vulnerability exists in...

PT-2024-22961 · Dedecms · Dedecms

Name of the Vulnerable Software and Affected Versions: DedeCMS version 5.7 Description: A Cross-Site Request Forgery CSRF issue was discovered in DedeCMS, specifically via the component /src/dede/makehtml homepage.php, allowing a remote attacker to execute arbitrary code. Recommendations: For...

CVE-2024-0558

A vulnerability has been found in DedeBIZ 6.3.0 and classified as critical. This vulnerability affects unknown code of the file /admin/makehtmlfreelistaction.php. The manipulation of the argument startid leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed ...

CVE-2020-36497

DedeCMS v7.5 SP2 was discovered to contain multiple cross-site scripting XSS vulnerabilities in the component makehtmlhomepage.php via the filename, mid, userid, and templet' parameters...