dedecms

165 tracked vulnerabilities.

CVE-2024-4592 MEDIUM
DedeCMS 5.7 - Cross-Site Request Forgery in sys_group_edit.php
May 07, 2024
CVSS 4.3
EPSS 0.00
CVE-2024-4591 MEDIUM
DedeCMS 5.7 - Cross-Site Request Forgery in sys_group_add.php
May 07, 2024
CVSS 4.3
EPSS 0.00
CVE-2024-4590 MEDIUM
DedeCMS 5.7 - Cross-Site Request Forgery in sys_info.php
May 07, 2024
CVSS 4.3
EPSS 0.00
CVE-2024-4589 MEDIUM
DedeCMS 5.7 - Cross-Site Request Forgery in mytag_edit.php
May 07, 2024
CVSS 4.3
EPSS 0.00
CVE-2024-4588 MEDIUM
DedeCMS 5.7 - Cross-Site Request Forgery in mytag_add.php
May 07, 2024
CVSS 4.3
EPSS 0.00
CVE-2024-4587 MEDIUM
DedeCMS 5.7 - Cross-Site Request Forgery in tpl.php
May 07, 2024
CVSS 4.3
EPSS 0.00
CVE-2024-4586 MEDIUM
DedeCMS 5.7 - Cross-Site Request Forgery in shops_delivery.php
May 07, 2024
CVSS 4.3
EPSS 0.00
CVE-2024-4585 MEDIUM
DedeCMS 5.7 - Cross-Site Request Forgery in member_type.php
May 07, 2024
CVSS 4.3
EPSS 0.00
CVE-2024-33749 CRITICAL
dedecms V5.7.114 - Unauthenticated Arbitrary File Deletion via mail_file_manage.php
May 06, 2024
CVSS 9.1
EPSS 0.00
CVE-2024-33371 MEDIUM
dedecms 5.7.113 - Cross-Site Scripting via typeid Parameter in makehtml_list_action.php
Apr 30, 2024
CVSS 6.1
EPSS 0.00
CVE-2024-33401 MEDIUM
dedecms 5.7.113 - Cross-Site Scripting via mnum Parameter
Apr 29, 2024
CVSS 4.4
EPSS 0.00
CVE-2024-29660 MEDIUM
dedecms 5.7 - Cross-Site Scripting via stepselect_main.php
Apr 25, 2024
CVSS 5.3
EPSS 0.00
CVE-2024-29661 CRITICAL
dedecms v5.7 - Unrestricted Upload of File with Dangerous Type
Apr 22, 2024
CVSS 9.8
EPSS 0.00
CVE-2024-3686 MEDIUM
DedeCMS 5.7.112-UTF8 - Path Traversal via update_guide.php files Parameter
Apr 12, 2024
CVSS 4.3
EPSS 0.00
CVE-2024-3685 MEDIUM
DedeCMS 5.7.112-UTF8 - SQL Injection via stepselect_main.php ids Parameter
Apr 12, 2024
CVSS 6.3
EPSS 0.00
CVE-2024-30965 HIGH
dedecms v5.7 - Cross-Site Request Forgery via member_scores.php
Apr 02, 2024
CVSS 8.8
EPSS 0.00
CVE-2024-30946 MEDIUM
dedecms v5.7 - Cross-Site Request Forgery via /src/dede/co_do.php
Apr 02, 2024
CVSS 5.5
EPSS 0.00
CVE-2024-3148 MEDIUM
dedecms 5.7.112 - SQL Injection in makehtml_archives_action.php
Apr 02, 2024
CVSS 6.3
EPSS 0.00
CVE-2024-3147 MEDIUM
DedeCMS 5.7 - Cross-Site Request Forgery in makehtml_map.php
Apr 02, 2024
CVSS 4.3
EPSS 0.00
CVE-2024-3146 MEDIUM
DedeCMS 5.7 - Cross-Site Request Forgery in makehtml_rss_action.php
Apr 02, 2024
CVSS 4.3
EPSS 0.00
CVE-2024-3145 MEDIUM
DedeCMS 5.7 - Cross-Site Request Forgery in makehtml_js_action.php
Apr 02, 2024
CVSS 4.3
EPSS 0.00
CVE-2024-3144 MEDIUM
DedeCMS 5.7 - Cross-Site Request Forgery in makehtml_spec.php
Apr 02, 2024
CVSS 4.3
EPSS 0.00
CVE-2024-3143 MEDIUM
DedeCMS 5.7 - Cross-Site Request Forgery in member_rank.php
Apr 02, 2024
CVSS 4.3
EPSS 0.00
CVE-2024-29684 CRITICAL
DedeCMS v5.7 - Cross-Site Request Forgery via makehtml_homepage.php
Mar 26, 2024
CVSS 9.8
EPSS 0.04
CVE-2024-2823 MEDIUM
DedeCMS 5.7 - Cross-Site Request Forgery in mda_main.php
Mar 22, 2024
CVSS 4.3
EPSS 0.00
Products
dedecms 165
Quick Filters
Critical CVEs With Exploits In CISA KEV