8 matches found
CVE-2024-29660
Cross Site Scripting vulnerability in DedeCMS v.5.7 allows a local attacker to execute arbitrary code via a crafted payload to the stepselectmain.php component...
CVE-2024-29660
CVE-2024-29660 describes a cross-site scripting vulnerability in DedeCMS v5.7 affecting the stepselect_main.php component. The provided documents consistently indicate that a local attacker can leverage a crafted payload to execute arbitrary code, implying a high-privilege impact on affected syst...
CVE-2024-3685
A vulnerability, which was classified as critical, was found in DedeCMS 5.7.112-UTF8. Affected is an unknown function of the file stepselectmain.php. The manipulation of the argument ids leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the...
CVE-2024-3685 DedeCMS stepselect_main.php sql injection
A vulnerability, which was classified as critical, was found in DedeCMS 5.7.112-UTF8. Affected is an unknown function of the file stepselectmain.php. The manipulation of the argument ids leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the...
Desdev DedeCMS SQL注入漏洞
Desdev DedeCMS Dream Weaving Content Management System is a PHP-based open source content management system CMS from China's Zhuozhuo Network Desdev. The system features content publishing, content management, content editing and content retrieval. DedeCMS 5.7.112-UTF8 has a SQL injection...
CVE-2024-28671
DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery CSRF vulnerability via /dede/stepselectmain.php...
Cross site request forgery (csrf)
DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery CSRF vulnerability via /dede/stepselectmain.php...
CVE-2024-28671
DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery CSRF vulnerability via /dede/stepselectmain.php...