Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / Vendors / dedecms

dedecms

165 tracked vulnerabilities.

CVE-2020-36491 MEDIUM

dedecms v7.5 SP2 - Cross-Site Scripting via tags_main.php Parameters

CVE-2020-36490 MEDIUM

DedeCMS v7.5 SP2 - Stored Cross-Site Scripting via file_manage_view.php Parameters

CVE-2020-23046 MEDIUM

dedecms v7.5 SP2 - Stored Cross-Site Scripting via tpl.php Parameters

CVE-2020-23044 MEDIUM

DedeCMS v7.5 SP2 - Cross-Site Scripting via Multiple Parameters in file_pic_view.php

CVE-2020-18114 CRITICAL

DedeCMS V5.7SP2 - Arbitrary File Upload via /uploads/dede Component

CVE-2020-18917 HIGH

dedecms 5.7 SP2 - Remote Code Execution via typename Parameter

CVE-2020-22198 CRITICAL

dedecms 5.7 - SQL Injection via mdescription Parameter

CVE-2020-16632 MEDIUM

dedecms V5.7 SP2 - Authenticated Stored Cross-Site Scripting via keyword Parameter

CVE-2020-27533 MEDIUM

DedeCMS 5.8 - Cross-Site Scripting in Search Feature

CVE-2019-10014 MEDIUM

DedeCMS 5.7SP2 - Authenticated Arbitrary Password Reset via ID Parameter

CVE-2019-8933 HIGH

DedeCMS 5.7SP2 - Unauthenticated Arbitrary File Upload via Template Management

CVE-2019-8362 HIGH

DedeCMS <= V5.7SP2 - Arbitrary File Upload via album_edit.php ZIP Archive

CVE-2019-6289 HIGH

DedeCMS V57_UTF8_SP2 - Remote Code Execution via Mixed-Case PHP Extension Bypass

CVE-2018-20129 HIGH

DedeCMS V5.7 SP2 - Remote Code Execution via Double Extension and Content Type Spoofing

CVE-2018-19061 CRITICAL

DedeCMS 5.7 SP2 - SQL Injection via co_do.php ids Parameter

CVE-2018-18782 MEDIUM

dedecms 5.7 SP2 - Reflected Cross-Site Scripting via myfriend.php ftype Parameter

CVE-2018-18781 MEDIUM

DedeCMS 5.7 SP2 - Cross-Site Scripting via Uploads Select Page Parameter

CVE-2018-18608 MEDIUM NUCLEI

dedecms 5.7 SP2 - Cross-Site Scripting via GetPageList Function

CVE-2018-18579 MEDIUM

dedecms 5.7 SP2 - Reflected Cross-Site Scripting via PM Folder Parameter

CVE-2018-18578 MEDIUM

dedecms 5.7 SP2 - Cross-Site Scripting via QR Code Type Parameter

CVE-2018-16786 MEDIUM

DedeCMS 5.7 SP2 - Stored Cross-Site Scripting via Feedback AJAX Msg Parameter

CVE-2018-16784 HIGH

DedeCMS 5.7 SP2 - Remote Code Execution via XML Injection

CVE-2018-16785 HIGH

dedecms V5.7 SP2 - XML Injection

CVE-2018-12046 HIGH

DedeCMS <= 5.7SP2 - Arbitrary File Write via file_manage_control.php

CVE-2018-12045 CRITICAL

dedecms <= V5.7SP2 - Arbitrary File Upload via upfile1 Parameter

Previous Page 6 of 7 Next

Products

Quick Filters

Critical CVEs With Exploits In CISA KEV

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy