Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / Vendors / dedecms

dedecms

165 tracked vulnerabilities.

CVE-2018-10375 CRITICAL

DedeCMS V5.7 SP2 - Unrestricted File Upload via archives_do.php litpic Parameter

CVE-2018-9175 CRITICAL

DedeCMS 5.7 - Remote Code Execution via egroup Parameter

CVE-2018-9174 CRITICAL

DedeCMS 5.7 - Remote Code Execution via sys_verifies.php refiles Parameter

CVE-2018-9134 HIGH

DedeCMS 5.7 - Cross-Site Request Forgery via File Rename Action

CVE-2018-7700 HIGH NUCLEI

dedecms 5.7 - Cross-Site Request Forgery to Remote Code Execution via partcode Parameter

CVE-2018-6910 HIGH NUCLEI

DedeCMS 5.7 - Full Path Disclosure via Direct Request

CVE-2018-6881 MEDIUM

Dedecms - Information Disclosure

CVE-2017-17731 CRITICAL NUCLEI

DedeCMS 5.7 - SQL Injection

CVE-2017-17730 CRITICAL

dedecms < 5.7 - SQL Injection via Logo Parameter

CVE-2017-17727 HIGH

DedeCMS < 5.6 - Unauthenticated Arbitrary File Upload RCE via member/article_edit.php

CVE-2015-4553 HIGH

dedecms < 5.7-sp1 - Unrestricted File Upload

DeDeCMS - SQL Injection via id Parameter

DeDeCMS 5.5 GBK - Authentication Bypass via _SESSION[dede_admin_id] Parameter

dedecms 5.1 - SQL Injection via feedback_js.php arcurl Parameter

dedecms 5.3 - Unauthenticated Arbitrary File Upload and Remote Code Execution via Double Extension Bypass

Previous Page 7 of 7

Products

Quick Filters

Critical CVEs With Exploits In CISA KEV

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy