CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2017-17727

DedeCMS through 5.6 allows arbitrary file upload and PHP code execution by embedding the PHP code in a .jpg file, which is used in the templet parameter to member/article_edit.php.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.007

EPSS Ranking 70.2%

CVSS Severity

CVSS v3 Score 8.8

CVSS v2 Score 6.8

References

https://www.seebug.org/vuldb/ssvid-20050
https://www.seebug.org/vuldb/ssvid-20050

Products affected by CVE-2017-17727

Dedecms » Dedecms » Version: N/A

cpe:2.3:a:dedecms:dedecms:-
Dedecms » Dedecms » Version: 5.5

cpe:2.3:a:dedecms:dedecms:5.5
Dedecms » Dedecms » Version: 5.6

cpe:2.3:a:dedecms:dedecms:5.6

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2017-17727

Products

Pricing

Contact Us