CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2023-3578

A vulnerability classified as critical was found in DedeCMS 5.7.109. Affected by this vulnerability is an unknown functionality of the file co_do.php. The manipulation of the argument rssurl leads to server-side request forgery. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-233371.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.696

EPSS Ranking 98.6%

CVSS Severity

CVSS v3 Score 5.5

CVSS v2 Score 5.2

References

https://github.com/nightcloudos/cve/blob/main/SSRF.md
https://vuldb.com/?ctiid.233371
https://vuldb.com/?id.233371
https://github.com/nightcloudos/cve/blob/main/SSRF.md
https://vuldb.com/?ctiid.233371
https://vuldb.com/?id.233371

Products affected by CVE-2023-3578

Dedecms » Dedecms » Version: 5.7.109

cpe:2.3:a:dedecms:dedecms:5.7.109

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-3578

Products

Pricing

Contact Us