CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

8 matches found

RedhatCVE•added 2025/12/30 1:2 a.m.•4 views

CVE-2024-30855

DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery CSRF vulnerability via /src/dede/makehtmllistaction.php...

8.8CVSS7.3AI score0.00007EPSS

Exploits1References1

NVD•added 2025/12/29 8:15 p.m.•1 views

CVE-2024-30855

DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery CSRF vulnerability via /src/dede/makehtmllistaction.php...

8.8CVSS0.00007EPSS

Exploits1References2

OSV•added 2025/12/29 8:15 p.m.•0 views

CVE-2024-30855

DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery CSRF vulnerability via /src/dede/makehtmllistaction.php...

8.8CVSS5.8AI score

Exploits0References2

Cvelist•added 2025/12/29 12:0 a.m.•20 views

CVE-2024-30855

DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery CSRF vulnerability via /src/dede/makehtmllistaction.php...

0.00007EPSS

Exploits1References2

Vulnrichment•added 2025/12/29 12:0 a.m.•1 views

CVE-2024-30855

DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery CSRF vulnerability via /src/dede/makehtmllistaction.php...

6.9AI score0.00007EPSS

Exploits1References2

Positive Technologies•added 2025/12/29 12:0 a.m.•2 views

PT-2025-53785

Name of the Vulnerable Software and Affected Versions DedeCMS version 5.7 Description The software contains a Cross-Site Request Forgery CSRF issue. The vulnerability is located in the /src/dede/makehtml list action.php endpoint. A malicious actor can potentially cause a user to perform unintende...

8.8CVSS6.7AI score0.00007EPSS

Exploits1References9

CVE•added 2025/12/29 12:0 a.m.•8 views

CVE-2024-30855

DedeCMS v5.7 is identified as affected by a Cross-Site Request Forgery (CSRF) vulnerability in the endpoint /src/dede/makehtml_list_action.php. The CVE record notes a high-severity issue (CVSS v3.1: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H) with user interaction required, indicating potential impact t...

8.8CVSS6.9AI score0.00007EPSS

Exploits1References2Affected Software1

OSV•added 2024/04/30 8:15 p.m.•1 views

CVE-2024-33371

Cross Site Scripting vulnerability in DedeCMS v.5.7.113 allows a remote attacker to execute arbitrary code via the typeid parameter in the makehtmllistaction.php component...

6.1CVSS6.1AI score

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by