CVE-2024-35375

CRITICAL

Dedecms - Unrestricted File Upload

Title source: rule

Description

There is an arbitrary file upload vulnerability on the media add .php page in the backend of the website in version 5.7.114 of DedeCMS

References (2)

Scores

CVSS v3 9.8
EPSS 0.0035
EPSS Percentile 57.0%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Classification

CWE
CWE-434
Status published

Affected Products (1)

dedecms/dedecms

Timeline

Published May 23, 2024
Tracked Since Feb 18, 2026