Dedecmsv6 Security Vulnerabilities

CVE-2022-36215

DedeBIZ v6 was discovered to contain a remote code execution vulnerability in sys_info.php.

CVE-2022-43196

dedecmdv6 v6.1.9 is vulnerable to Arbitrary file deletion via file_manage_control.php.

CVE-2022-44118

dedecmdv6 v6.1.9 is vulnerable to Remote Code Execution (RCE) via file_manage_control.php.

CVE-2022-44120

dedecmdv6 6.1.9 is vulnerable to SQL Injection. via sys_sql_query.php.