CVE-2024-12183

A vulnerability, which was classified as problematic, was found in DedeCMS 5.7.116. This affects the function RemoveXSS of the file /plus/carbuyaction.php of the component HTTP POST Request Handler. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. Th...

CVE-2024-12180

A vulnerability classified as problematic has been found in DedeCMS 5.7.116. Affected is an unknown function of the file /member/articleadd.php. The manipulation of the argument body leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the...

PT-2024-17474 · Dedecms · Dedecms

Name of the Vulnerable Software and Affected Versions: DedeCMS version 5.7.116 Description: A problematic issue has been found in DedeCMS, affecting some unknown functionality of the file /member/soft add.php. The manipulation of the argument body leads to cross site scripting. The attack may be...

CVE-2024-11138

A vulnerability classified as problematic has been found in DedeCMS 5.7.116. This affects an unknown part of the file /dede/uploads/dede/friendlinkadd.php. The manipulation of the argument logoimg leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been...

PT-2024-16783 · Dedecms · Dedecms

Name of the Vulnerable Software and Affected Versions: DedeCMS version 5.7.116 Description: A vulnerability has been found in DedeCMS, affecting the file /dede/uploads/dede/friendlink add.php. The manipulation of the logoimg argument leads to unrestricted upload. It is possible to initiate the...