Dedecms
by Dedecms
Source repositories
CVEs (169)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-29684 | 0.00 | — | 0.01 | Mar 26, 2024 | DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /src/dede/makehtml_homepage.php allowing a remote attacker to execute arbitrary code. | |||
| CVE-2024-2823 | 0.00 | — | 0.00 | Mar 22, 2024 | A vulnerability has been found in DedeCMS 5.7 and classified as problematic. This vulnerability affects unknown code of the file /src/dede/mda_main.php. The manipulation leads to cross-site request forgery. The attack can be initiated remotely. The exploit has been disclosed to… | |||
| CVE-2024-2822 | 0.00 | — | 0.00 | Mar 22, 2024 | A vulnerability, which was classified as problematic, was found in DedeCMS 5.7. This affects an unknown part of the file /src/dede/vote_edit.php. The manipulation of the argument aid leads to cross-site request forgery. It is possible to initiate the attack remotely. The exploit… | |||
| CVE-2024-2821 | 0.00 | — | 0.00 | Mar 22, 2024 | A vulnerability, which was classified as problematic, has been found in DedeCMS 5.7. Affected by this issue is some unknown functionality of the file /src/dede/friendlink_edit.php. The manipulation of the argument id leads to cross-site request forgery. The attack may be… | |||
| CVE-2024-2820 | 0.00 | — | 0.00 | Mar 22, 2024 | A vulnerability classified as problematic was found in DedeCMS 5.7. Affected by this vulnerability is an unknown functionality of the file /src/dede/baidunews.php. The manipulation of the argument filename leads to cross-site request forgery. The attack can be launched remotely.… | |||
| CVE-2024-28432 | 0.00 | — | 0.00 | Mar 13, 2024 | DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via the component /dede/article_edit.php. | |||
| CVE-2024-28430 | 0.00 | — | 0.00 | Mar 13, 2024 | DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via the component /dede/catalog_edit.php. | |||
| CVE-2024-28676 | 0.00 | — | 0.00 | Mar 13, 2024 | DedeCMS v5.7 was discovered to contain a cross-site scripting (XSS) vulnerability via /dede/article_edit.php. | |||
| CVE-2024-28665 | 0.00 | — | 0.00 | Mar 13, 2024 | DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via the component /dede/article_add.php | |||
| CVE-2024-28672 | 0.00 | — | 0.00 | Mar 13, 2024 | DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /dede/media_edit.php. | |||
| CVE-2024-28684 | 0.00 | — | 0.00 | Mar 13, 2024 | DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via the component /dede/module_main.php | |||
| CVE-2024-28678 | 0.00 | — | 0.00 | Mar 13, 2024 | DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via the component /dede/article_description_main.php | |||
| CVE-2024-28671 | 0.00 | — | 0.01 | Mar 13, 2024 | DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /dede/stepselect_main.php. | |||
| CVE-2024-28666 | 0.00 | — | 0.00 | Mar 13, 2024 | DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via the component /dede/media_add.php | |||
| CVE-2024-28667 | 0.00 | — | 0.00 | Mar 13, 2024 | DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via the component /dede/templets_one_edit.php | |||
| CVE-2024-28431 | 0.00 | — | 0.00 | Mar 13, 2024 | DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via the component /dede/catalog_del.php. | |||
| CVE-2024-28670 | 0.00 | — | 0.00 | Mar 13, 2024 | DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /dede/freelist_main.php. | |||
| CVE-2024-28675 | 0.00 | — | 0.00 | Mar 13, 2024 | DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /dede/diy_edit.php | |||
| CVE-2024-28682 | 0.00 | — | 0.00 | Mar 13, 2024 | DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /dede/sys_cache_up.php. | |||
| CVE-2024-28681 | 0.00 | — | 0.00 | Mar 13, 2024 | DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /dede/plus_edit.php. |
- CVE-2024-29684Mar 26, 2024risk 0.00cvss —epss 0.01
DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /src/dede/makehtml_homepage.php allowing a remote attacker to execute arbitrary code.
- CVE-2024-2823Mar 22, 2024risk 0.00cvss —epss 0.00
A vulnerability has been found in DedeCMS 5.7 and classified as problematic. This vulnerability affects unknown code of the file /src/dede/mda_main.php. The manipulation leads to cross-site request forgery. The attack can be initiated remotely. The exploit has been disclosed to…
- CVE-2024-2822Mar 22, 2024risk 0.00cvss —epss 0.00
A vulnerability, which was classified as problematic, was found in DedeCMS 5.7. This affects an unknown part of the file /src/dede/vote_edit.php. The manipulation of the argument aid leads to cross-site request forgery. It is possible to initiate the attack remotely. The exploit…
- CVE-2024-2821Mar 22, 2024risk 0.00cvss —epss 0.00
A vulnerability, which was classified as problematic, has been found in DedeCMS 5.7. Affected by this issue is some unknown functionality of the file /src/dede/friendlink_edit.php. The manipulation of the argument id leads to cross-site request forgery. The attack may be…
- CVE-2024-2820Mar 22, 2024risk 0.00cvss —epss 0.00
A vulnerability classified as problematic was found in DedeCMS 5.7. Affected by this vulnerability is an unknown functionality of the file /src/dede/baidunews.php. The manipulation of the argument filename leads to cross-site request forgery. The attack can be launched remotely.…
- CVE-2024-28432Mar 13, 2024risk 0.00cvss —epss 0.00
DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via the component /dede/article_edit.php.
- CVE-2024-28430Mar 13, 2024risk 0.00cvss —epss 0.00
DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via the component /dede/catalog_edit.php.
- CVE-2024-28676Mar 13, 2024risk 0.00cvss —epss 0.00
DedeCMS v5.7 was discovered to contain a cross-site scripting (XSS) vulnerability via /dede/article_edit.php.
- CVE-2024-28665Mar 13, 2024risk 0.00cvss —epss 0.00
DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via the component /dede/article_add.php
- CVE-2024-28672Mar 13, 2024risk 0.00cvss —epss 0.00
DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /dede/media_edit.php.
- CVE-2024-28684Mar 13, 2024risk 0.00cvss —epss 0.00
DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via the component /dede/module_main.php
- CVE-2024-28678Mar 13, 2024risk 0.00cvss —epss 0.00
DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via the component /dede/article_description_main.php
- CVE-2024-28671Mar 13, 2024risk 0.00cvss —epss 0.01
DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /dede/stepselect_main.php.
- CVE-2024-28666Mar 13, 2024risk 0.00cvss —epss 0.00
DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via the component /dede/media_add.php
- CVE-2024-28667Mar 13, 2024risk 0.00cvss —epss 0.00
DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via the component /dede/templets_one_edit.php
- CVE-2024-28431Mar 13, 2024risk 0.00cvss —epss 0.00
DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via the component /dede/catalog_del.php.
- CVE-2024-28670Mar 13, 2024risk 0.00cvss —epss 0.00
DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /dede/freelist_main.php.
- CVE-2024-28675Mar 13, 2024risk 0.00cvss —epss 0.00
DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /dede/diy_edit.php
- CVE-2024-28682Mar 13, 2024risk 0.00cvss —epss 0.00
DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /dede/sys_cache_up.php.
- CVE-2024-28681Mar 13, 2024risk 0.00cvss —epss 0.00
DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /dede/plus_edit.php.
Page 5 of 9