Shodan
Vulnerabilities
Vulnerable Software
Dedecms:  >> Dedecms  Security Vulnerabilities
CVE-2022-30508
DedeCMS v5.7.93 was discovered to contain arbitrary file deletion vulnerability in upload.php via the delete parameter.
CVSS Score
6.5
EPSS Score
0.008
Published
2022-05-26
CVE-2022-23337
DedeCMS v5.7.87 was discovered to contain a SQL injection vulnerability in article_coonepage_rule.php via the ids parameter.
CVSS Score
9.8
EPSS Score
0.098
Published
2022-02-14
CVE-2020-36490
DedeCMS v7.5 SP2 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities in the component file_manage_view.php via the `activepath`, `keyword`, `tag`, `fmdo=x&filename`, `CKEditor` and `CKEditorFuncNum` parameters.
CVSS Score
5.4
EPSS Score
0.002
Published
2021-10-22
CVE-2020-36491
DedeCMS v7.5 SP2 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities in the component tags_main.php via the `activepath`, `keyword`, `tag`, `fmdo=x&filename`, `CKEditor` and `CKEditorFuncNum` parameters.
CVSS Score
5.4
EPSS Score
0.002
Published
2021-10-22
CVE-2020-36492
DedeCMS v7.5 SP2 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities in the component select_media.php via the `activepath`, `keyword`, `tag`, `fmdo=x&filename`, `CKEditor` and `CKEditorFuncNum` parameters.
CVSS Score
5.4
EPSS Score
0.002
Published
2021-10-22
CVE-2020-36493
DedeCMS v7.5 SP2 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities in the component media_main.php via the `activepath`, `keyword`, `tag`, `fmdo=x&filename`, `CKEditor` and `CKEditorFuncNum` parameters.
CVSS Score
5.4
EPSS Score
0.002
Published
2021-10-22
CVE-2020-36494
DedeCMS v7.5 SP2 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities in the component mychannel_edit.php via the `filename`, `mid`, `userid`, and `templet' parameters.
CVSS Score
6.1
EPSS Score
0.002
Published
2021-10-22
CVE-2020-36495
DedeCMS v7.5 SP2 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities in the component file_manage_view.php via the `filename`, `mid`, `userid`, and `templet' parameters.
CVSS Score
6.1
EPSS Score
0.002
Published
2021-10-22
CVE-2020-36496
DedeCMS v7.5 SP2 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities in the component sys_admin_user_edit.php via the `filename`, `mid`, `userid`, and `templet' parameters.
CVSS Score
6.1
EPSS Score
0.002
Published
2021-10-22
CVE-2020-36497
DedeCMS v7.5 SP2 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities in the component makehtml_homepage.php via the `filename`, `mid`, `userid`, and `templet' parameters.
CVSS Score
6.1
EPSS Score
0.002
Published
2021-10-22


Products
Pricing
Contact Us

Shodan ® - All rights reserved