Dedecms

Dedecms

167 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.4

CVE-2020-36490

Exploit
  • EPSS 0.18%
  • Veröffentlicht 22.10.2021 20:15:11
  • Zuletzt bearbeitet 21.11.2024 05:29:39

DedeCMS v7.5 SP2 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities in the component file_manage_view.php via the `activepath`, `keyword`, `tag`, `fmdo=x&filename`, `CKEditor` and `CKEditorFuncNum` parameters.

5.4

CVE-2020-36491

Exploit
  • EPSS 0.18%
  • Veröffentlicht 22.10.2021 20:15:11
  • Zuletzt bearbeitet 21.11.2024 05:29:39

DedeCMS v7.5 SP2 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities in the component tags_main.php via the `activepath`, `keyword`, `tag`, `fmdo=x&filename`, `CKEditor` and `CKEditorFuncNum` parameters.

5.4

CVE-2020-36492

Exploit
  • EPSS 0.18%
  • Veröffentlicht 22.10.2021 20:15:11
  • Zuletzt bearbeitet 21.11.2024 05:29:39

DedeCMS v7.5 SP2 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities in the component select_media.php via the `activepath`, `keyword`, `tag`, `fmdo=x&filename`, `CKEditor` and `CKEditorFuncNum` parameters.

5.4

CVE-2020-36493

Exploit
  • EPSS 0.18%
  • Veröffentlicht 22.10.2021 20:15:11
  • Zuletzt bearbeitet 21.11.2024 05:29:39

DedeCMS v7.5 SP2 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities in the component media_main.php via the `activepath`, `keyword`, `tag`, `fmdo=x&filename`, `CKEditor` and `CKEditorFuncNum` parameters.

6.1

CVE-2020-36494

Exploit
  • EPSS 0.18%
  • Veröffentlicht 22.10.2021 20:15:11
  • Zuletzt bearbeitet 21.11.2024 05:29:39

DedeCMS v7.5 SP2 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities in the component mychannel_edit.php via the `filename`, `mid`, `userid`, and `templet' parameters.

6.1

CVE-2020-36495

Exploit
  • EPSS 0.18%
  • Veröffentlicht 22.10.2021 20:15:11
  • Zuletzt bearbeitet 21.11.2024 05:29:40

DedeCMS v7.5 SP2 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities in the component file_manage_view.php via the `filename`, `mid`, `userid`, and `templet' parameters.

6.1

CVE-2020-36496

Exploit
  • EPSS 0.18%
  • Veröffentlicht 22.10.2021 20:15:11
  • Zuletzt bearbeitet 21.11.2024 05:29:40

DedeCMS v7.5 SP2 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities in the component sys_admin_user_edit.php via the `filename`, `mid`, `userid`, and `templet' parameters.

6.1

CVE-2020-36497

Exploit
  • EPSS 0.18%
  • Veröffentlicht 22.10.2021 20:15:11
  • Zuletzt bearbeitet 21.11.2024 05:29:40

DedeCMS v7.5 SP2 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities in the component makehtml_homepage.php via the `filename`, `mid`, `userid`, and `templet' parameters.

5.4

CVE-2020-23044

Exploit
  • EPSS 0.24%
  • Veröffentlicht 22.10.2021 20:15:10
  • Zuletzt bearbeitet 21.11.2024 05:13:31

DedeCMS v7.5 SP2 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities in the component file_pic_view.php via the `activepath`, `keyword`, `tag`, `fmdo=x&filename`, `CKEditor` and `CKEditorFuncNum` parameters.

6.1

CVE-2020-23046

Exploit
  • EPSS 0.25%
  • Veröffentlicht 22.10.2021 20:15:10
  • Zuletzt bearbeitet 21.11.2024 05:13:31

DedeCMS v7.5 SP2 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities in the component tpl.php via the `filename`, `mid`, `userid`, and `templet' parameters.