Dedecms

Dedecms

167 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.5

CVE-2024-34959

Exploit
  • EPSS 0.15%
  • Veröffentlicht 17.05.2024 20:15:07
  • Zuletzt bearbeitet 01.04.2025 18:05:25

DedeCMS V5.7.113 is vulnerable to Cross Site Scripting (XSS) via sys_data_replace.php.

7.5

CVE-2024-4790

  • EPSS 0.49%
  • Veröffentlicht 14.05.2024 15:44:44
  • Zuletzt bearbeitet 04.04.2025 14:28:44

A vulnerability classified as problematic has been found in DedeCMS 5.7.114. This affects an unknown part of the file /sys_verifies.php?action=view. The manipulation of the argument filename with the input ../../../../../etc/passwd leads to path trav...

6.5

CVE-2024-34245

Exploit
  • EPSS 0.3%
  • Veröffentlicht 14.05.2024 15:38:37
  • Zuletzt bearbeitet 01.04.2025 18:05:29

An arbitrary file read vulnerability in DedeCMS v5.7.114 allows authenticated attackers to read arbitrary files by specifying any path in makehtml_js_action.php.

4.3

CVE-2024-4594

Exploit
  • EPSS 0.07%
  • Veröffentlicht 07.05.2024 15:15:10
  • Zuletzt bearbeitet 15.01.2025 18:53:53

A vulnerability, which was classified as problematic, was found in DedeCMS 5.7. Affected is an unknown function of the file /src/dede/sys_safe.php. The manipulation leads to cross-site request forgery. It is possible to launch the attack remotely. Th...

4.3

CVE-2024-4590

Exploit
  • EPSS 0.08%
  • Veröffentlicht 07.05.2024 14:15:11
  • Zuletzt bearbeitet 15.01.2025 18:54:33

A vulnerability was found in DedeCMS 5.7. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /src/dede/sys_info.php. The manipulation leads to cross-site request forgery. The attack may be launched remo...

4.3

CVE-2024-4591

Exploit
  • EPSS 0.08%
  • Veröffentlicht 07.05.2024 14:15:11
  • Zuletzt bearbeitet 15.01.2025 18:54:36

A vulnerability classified as problematic has been found in DedeCMS 5.7. This affects an unknown part of the file /src/dede/sys_group_add.php. The manipulation leads to cross-site request forgery. It is possible to initiate the attack remotely. The e...

4.3

CVE-2024-4592

Exploit
  • EPSS 0.08%
  • Veröffentlicht 07.05.2024 14:15:11
  • Zuletzt bearbeitet 15.01.2025 18:54:14

A vulnerability classified as problematic was found in DedeCMS 5.7. This vulnerability affects unknown code of the file /src/dede/sys_group_edit.php. The manipulation leads to cross-site request forgery. The attack can be initiated remotely. The expl...

4.3

CVE-2024-4593

Exploit
  • EPSS 0.08%
  • Veröffentlicht 07.05.2024 14:15:11
  • Zuletzt bearbeitet 15.01.2025 18:54:03

A vulnerability, which was classified as problematic, has been found in DedeCMS 5.7. This issue affects some unknown processing of the file /src/dede/sys_multiserv.php. The manipulation leads to cross-site request forgery. The attack may be initiated...

4.3

CVE-2024-4587

Exploit
  • EPSS 0.08%
  • Veröffentlicht 07.05.2024 13:15:49
  • Zuletzt bearbeitet 15.01.2025 18:50:05

A vulnerability was found in DedeCMS 5.7 and classified as problematic. This issue affects some unknown processing of the file /src/dede/tpl.php. The manipulation leads to cross-site request forgery. The attack may be initiated remotely. The exploit ...

4.3

CVE-2024-4588

Exploit
  • EPSS 0.08%
  • Veröffentlicht 07.05.2024 13:15:49
  • Zuletzt bearbeitet 15.01.2025 18:50:28

A vulnerability was found in DedeCMS 5.7. It has been classified as problematic. Affected is an unknown function of the file /src/dede/mytag_add.php. The manipulation leads to cross-site request forgery. It is possible to launch the attack remotely. ...