Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / Vendors / dedecms

dedecms

165 tracked vulnerabilities.

CVE-2023-30380 HIGH

dedecms v5.7.107 - Path Traversal via /dialog/select_media.php

CVE-2023-27733 HIGH

dedecms v5.7.106 - SQL Injection via sys_sql_query.php

CVE-2023-2059 MEDIUM NUCLEI

dedecms 5.7.87 - Path Traversal via select_templets.php

CVE-2023-2056 MEDIUM

dedecms < 5.7.87 - Remote Code Execution via GetSystemFile Function

CVE-2023-27709 HIGH

dedecms < 5.7.106 - SQL Injection via rank_* Parameter in /dedestory_catalog.php

CVE-2023-27707 HIGH

dedecms < 5.7.106 - SQL Injection via rank_* Parameter in group_store.php

CVE-2022-48140 MEDIUM

dedecms v5.7.97 - Cross-Site Scripting in file_manage_view.php

CVE-2022-46442 CRITICAL

dedecms <= V5.7.102 - SQL Injection

CVE-2022-43192 MEDIUM

dedecms v5.7.101 - Arbitrary File Upload via file_manage_control.php

CVE-2022-43031 HIGH

dedecms v6.1.9 - Cross-Site Request Forgery

CVE-2022-40921 HIGH

dedecms V5.7.99 - Arbitrary File Upload via file_manage_control.php

CVE-2022-40886 HIGH

DedeCMS 5.7.98 - File Upload Vulnerability

CVE-2022-36583 MEDIUM

dedecms V5.7.97 - Cross-Site Scripting via dopost, rpok, and aid Parameters

CVE-2022-36216 HIGH

dedecms 5.7.94-5.7.97 - Remote Code Execution via member_toadmin.php

CVE-2022-35516 CRITICAL

dedecms 5.7.93-5.7.96 - Remote Code Execution via login.php

CVE-2022-34531 CRITICAL

dedecms v5.7.95 - Remote Code Execution via mytag_main.php

CVE-2022-30508 MEDIUM

dedecms v5.7.93 - Arbitrary File Deletion via upload.php delete parameter

CVE-2022-23337 CRITICAL

DedeCMS v5.7.87 - SQL Injection via article_coonepage_rule.php ids Parameter

CVE-2021-32073 HIGH

DedeCMS V5.7 SP2 - Cross-Site Request Forgery Leading to Remote Code Execution

CVE-2020-36497 MEDIUM

dedecms v7.5 SP2 - Cross-Site Scripting via makehtml_homepage.php Parameters

CVE-2020-36496 MEDIUM

dedecms v7.5 SP2 - Cross-Site Scripting via sys_admin_user_edit.php Parameters

CVE-2020-36495 MEDIUM

DedeCMS v7.5 SP2 - Cross-Site Scripting via file_manage_view.php Parameters

CVE-2020-36494 MEDIUM

dedecms v7.5 SP2 - Cross-Site Scripting via mychannel_edit.php Parameters

CVE-2020-36493 MEDIUM

dedecms v7.5 SP2 - Cross-Site Scripting via media_main.php Parameters

CVE-2020-36492 MEDIUM

dedecms v7.5 SP2 - Stored Cross-Site Scripting via select_media.php Parameters

Previous Page 5 of 7 Next

Products

Quick Filters

Critical CVEs With Exploits In CISA KEV

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy