Unrated severityNVD Advisory· Published Aug 24, 2021· Updated Aug 4, 2024
CVE-2020-18917
CVE-2020-18917
Description
The plus/search.php component in DedeCMS 5.7 SP2 allows remote attackers to execute arbitrary PHP code via the typename parameter because the contents of typename.inc are under an attacker's control.
Affected products
2- DedeCMS/DedeCMSdescription
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.