PT-2023-31987 · Dedebiz · Dedebiz

Name of the Vulnerable Software and Affected Versions: DedeBIZ version 6.2 Description: A critical vulnerability was found in DedeBIZ, affecting an unknown part of the file /src/admin/tags main.php. The manipulation of the ids argument leads to SQL injection. It is possible to initiate the attack...

CVE-2020-36491

DedeCMS v7.5 SP2 was discovered to contain multiple cross-site scripting XSS vulnerabilities in the component tagsmain.php via the activepath, keyword, tag, fmdo=x&filename, CKEditor and CKEditorFuncNum parameters...