CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

29 matches found

RedhatCVE•added 2025/05/23 6:41 a.m.•6 views

CVE-2024-52769

An arbitrary file upload vulnerability in the component /admin/friendlinkedit of DedeBIZ v6.3.0 allows attackers to execute arbitrary code via uploading a crafted file...

7.2CVSS7.3AI score0.00201EPSS

Exploits1References1

NVD•added 2024/11/20 5:15 p.m.•9 views

CVE-2024-52770

An arbitrary file upload vulnerability in the component /admin/filemanagecontrol of DedeBIZ v6.3.0 allows attackers to execute arbitrary code via uploading a crafted file...

9.8CVSS0.00304EPSS

Exploits1References2

NVD•added 2024/11/20 5:15 p.m.•16 views

CVE-2024-52771

DedeBIZ v6.3.0 was discovered to contain an arbitrary file deletion vulnerability via the component /admin/filemanageview...

9.1CVSS0.00403EPSS

Exploits1References2

Cvelist•added 2024/11/20 12:0 a.m.•14 views

CVE-2024-52770

An arbitrary file upload vulnerability in the component /admin/filemanagecontrol of DedeBIZ v6.3.0 allows attackers to execute arbitrary code via uploading a crafted file...

0.00304EPSS

Exploits1References2

CVE•added 2024/11/20 12:0 a.m.•59 views

CVE-2024-52770

CVE-2024-52770 affects DedeBIZ v6.3.0 in the component used for file uploads (notably /admin/file_manage_control, and variants like /admin/file manage control). The vulnerability allows an attacker to upload a crafted file to achieve arbitrary code execution on the server. CVSS 3.1 base score is ...

9.8CVSS8AI score0.00304EPSS

Exploits1References2Affected Software1

Vulnrichment•added 2024/11/20 12:0 a.m.•13 views

CVE-2024-52771

DedeBIZ v6.3.0 was discovered to contain an arbitrary file deletion vulnerability via the component /admin/filemanageview...

7.7AI score0.00403EPSS

Exploits1References2

Vulnrichment•added 2024/11/20 12:0 a.m.•11 views

CVE-2024-52769

An arbitrary file upload vulnerability in the component /admin/friendlinkedit of DedeBIZ v6.3.0 allows attackers to execute arbitrary code via uploading a crafted file...

7.8AI score0.00201EPSS

Exploits1References2

CVE•added 2024/11/20 12:0 a.m.•49 views

CVE-2024-52771

CVE-2024-52771 : DedeBIZ v6.3.0 is affected by an arbitrary file deletion vulnerability in the /admin/file_manage_view component. The issue, assigned a CVSS v3.1 base score of 9.1 (CRITICAL; Network attack vector; no user interaction; I/H/A : integrity/high, availability/high, confidentiality non...

9.1CVSS7.7AI score0.00403EPSS

Exploits1References2Affected Software1

CVE•added 2024/11/20 12:0 a.m.•54 views

CVE-2024-52769

CVE-2024-52769 affects DedeBIZ v6.3.0 with an arbitrary file upload vulnerability in the /admin/friendlink_edit endpoint (also referenced as /admin/friendlink edit). Exploitation allows attackers to execute arbitrary code via a crafted file. The NVD entry cites CVSSv3.1: AV:N/AC:L/PR:H/UI:N/S:U/C...

7.2CVSS8AI score0.00201EPSS

Exploits1References2Affected Software1

Cvelist•added 2024/11/20 12:0 a.m.•10 views

CVE-2024-52769

An arbitrary file upload vulnerability in the component /admin/friendlinkedit of DedeBIZ v6.3.0 allows attackers to execute arbitrary code via uploading a crafted file...

0.00201EPSS

Exploits1References2

Cvelist•added 2024/11/20 12:0 a.m.•11 views

CVE-2024-52771

DedeBIZ v6.3.0 was discovered to contain an arbitrary file deletion vulnerability via the component /admin/filemanageview...

0.00403EPSS

Exploits1References2

Vulnrichment•added 2024/11/20 12:0 a.m.•7 views

CVE-2024-52770

An arbitrary file upload vulnerability in the component /admin/filemanagecontrol of DedeBIZ v6.3.0 allows attackers to execute arbitrary code via uploading a crafted file...

7.8AI score0.00304EPSS

Exploits1References2

Vulnrichment•added 2024/10/24 12:0 a.m.•9 views

CVE-2024-48140

A prompt injection vulnerability in the chatbox of Butterfly Effect Limited Monica Your AI Copilot powered by ChatGPT4 v6.3.0 allows attackers to access and exfiltrate all previous and subsequent chat data between the user and the AI assistant via a crafted message...

7.3AI score0.0018EPSS

Exploits0References2

CVE•added 2024/10/24 12:0 a.m.•63 views

CVE-2024-48140

CVE-2024-48140 is described across multiple sources (NVD, Red Hat, CNNVD, CVE lists) as a prompt-injection vulnerability in the chatbox of Butterfly Effect Limited’s Monica Your AI Copilot powered by ChatGPT4 v6.3.0. The concrete detail available is that the affected software is Monica Your AI Co...

7.5CVSS7.1AI score0.0018EPSS

Exploits0References2

Cvelist•added 2024/10/24 12:0 a.m.•17 views

CVE-2024-48140

0.0018EPSS

Exploits0References2

NVD•added 2024/08/29 6:15 p.m.•9 views

CVE-2024-44716

A cross-site scripting XSS vulnerability in DedeBIZ v6.3.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload...

6.1CVSS0.00388EPSS

Exploits0References2

OSV•added 2024/08/29 6:15 p.m.•1 views

CVE-2024-44716

A cross-site scripting XSS vulnerability in DedeBIZ v6.3.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload...

6.1CVSS5.9AI score0.00388EPSS

Exploits0References2

CVE•added 2024/08/29 12:0 a.m.•45 views

CVE-2024-44717

CVE-2024-44717 is an XSS vulnerability affecting DedeBIZ v6.3.0 , where a crafted payload can cause arbitrary web scripts or HTML execution. Connected documents corroborate the issue across Red Hat, NVD, CNNVD, CVE listing, and enrichment sources, all referencing the same product/version. The ava...

6.1CVSS5.8AI score0.00388EPSS

Exploits0References2Affected Software1

Vulnrichment•added 2024/08/29 12:0 a.m.•8 views

CVE-2024-44717

A cross-site scripting XSS vulnerability in DedeBIZ v6.3.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload...

5.8AI score0.00388EPSS

Exploits0References2

Cvelist•added 2024/08/29 12:0 a.m.•14 views

CVE-2024-44717

A cross-site scripting XSS vulnerability in DedeBIZ v6.3.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload...

0.00388EPSS

Exploits0References2