CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

191 matches found

RedhatCVE•added 2025/05/22 4:27 p.m.•5 views

CVE-2020-18184

In PluxXml V5.7,the theme edit function /PluXml/core/admin/parametresedittpl.php allows remote attackers to execute arbitrary PHP code by placing this code into a template...

7.2CVSS7.9AI score0.00611EPSS

Exploits1

CVE•added 2024/06/28 1:44 p.m.•78 views

CVE-2024-29038

The CVE-2024-29038 issue affects tpm2-tools (TPM2.0 tools). Affected component: quote data generation and verification logic in tpm2-tools; root cause: an attacker could generate arbitrary quote data that is not detected by tpm2_checkquote. Impact: attacker-controlled quotes could bypass detectio...

4.3CVSS6.6AI score0.00108EPSS

Exploits1References4Affected Software1

Vulnrichment•added 2024/04/25 12:0 a.m.•19 views

CVE-2024-29660

Cross Site Scripting vulnerability in DedeCMS v.5.7 allows a local attacker to execute arbitrary code via a crafted payload to the stepselectmain.php component...

7AI score0.00036EPSS

Exploits0References1

NVD•added 2024/04/22 12:15 p.m.•9 views

CVE-2024-29661

A File Upload vulnerability in DedeCMS v5.7 allows a local attacker to execute arbitrary code via a crafted payload...

9.8CVSS6.5AI score0.00242EPSS

Exploits0References1

CVE•added 2024/04/22 12:0 a.m.•54 views

CVE-2024-29661

CVE-2024-29661 describes a file-upload vulnerability in DedeCMS v5.7 that allows a local attacker to execute arbitrary code via a crafted payload. The vulnerability is consistently reported across multiple sources (Red Hat, NVD, CNNVD, CVE list). The NVD entry lists a high-impact scenario (C:H/I:...

9.8CVSS7.4AI score0.00242EPSS

Exploits0References1Affected Software1

Cvelist•added 2024/04/22 12:0 a.m.•11 views

CVE-2024-29661

A File Upload vulnerability in DedeCMS v5.7 allows a local attacker to execute arbitrary code via a crafted payload...

7.4AI score0.00242EPSS

Exploits0References1

NVD•added 2024/04/02 2:15 p.m.•7 views

CVE-2024-30965

DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery CSRF vulnerability via /src/dede/memberscores.php...

8.8CVSS6.5AI score0.00277EPSS

Exploits1References2

NVD•added 2024/04/02 1:15 p.m.•11 views

CVE-2024-30946

DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery CSRF vulnerability via /src/dede/codo.php...

5.5CVSS6.5AI score0.00096EPSS

Exploits1References1

Cvelist•added 2024/04/02 12:0 a.m.•13 views

CVE-2024-30965

DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery CSRF vulnerability via /src/dede/memberscores.php...

7.4AI score0.00277EPSS

Exploits1References2

Vulnrichment•added 2024/04/02 12:0 a.m.•16 views

CVE-2024-30965

DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery CSRF vulnerability via /src/dede/memberscores.php...

7.7AI score0.00277EPSS

Exploits1References2

CVE•added 2024/04/02 12:0 a.m.•57 views

CVE-2024-30965

CVE-2024-30965 : DedeCMS v5.7 is reported to have a Cross-Site Request Forgery (CSRF) vulnerability reachable via the endpoint /src/dede/member_scores.php. The Red Hat, NVD, OSV, CNNVD and PTSecurity records corroborate a CSRF issue affecting DedeCMS 5.7, with some sources describing an attacker‑...

8.8CVSS7.4AI score0.00277EPSS

Exploits1References2Affected Software1

Vulnrichment•added 2024/04/02 12:0 a.m.•17 views

CVE-2024-30946

DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery CSRF vulnerability via /src/dede/codo.php...

7.5AI score0.00096EPSS

Exploits1References1

Cvelist•added 2024/04/02 12:0 a.m.•13 views

CVE-2024-30946

DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery CSRF vulnerability via /src/dede/codo.php...

7.4AI score0.00096EPSS

Exploits1References1

CVE•added 2024/04/02 12:0 a.m.•60 views

CVE-2024-30946

CVE-2024-30946 concerns a CSRF vulnerability in DedeCMS v5.7 exploitable via the API endpoint /src/dede/co_do.php. The core issue is Cross-Site Request Forgery affecting DedeCMS 5.7, as documented by multiple feeds (NVD/CNNVD/Red Hat and PTSecurity), with CVSS 3.1 vector indicating network access...

5.5CVSS7.5AI score0.00096EPSS

Exploits1References1Affected Software1

Vulnrichment•added 2024/03/26 12:0 a.m.•13 views

CVE-2024-29684

DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery CSRF via the component /src/dede/makehtmlhomepage.php allowing a remote attacker to execute arbitrary code...

8.5AI score0.03515EPSS

Exploits1References1

Cvelist•added 2024/03/26 12:0 a.m.•16 views

CVE-2024-29684

DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery CSRF via the component /src/dede/makehtmlhomepage.php allowing a remote attacker to execute arbitrary code...

8.1AI score0.03515EPSS

Exploits1References1

NVD•added 2024/03/13 4:15 p.m.•10 views

CVE-2024-28676

DedeCMS v5.7 was discovered to contain a cross-site scripting XSS vulnerability via /dede/articleedit.php...

6.1CVSS6.1AI score0.00263EPSS

Exploits1References1

NVD•added 2024/03/13 4:15 p.m.•7 views

CVE-2024-28671

DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery CSRF vulnerability via /dede/stepselectmain.php...

8.8CVSS6.5AI score0.005EPSS

Exploits1References1