Shodan
Vulnerabilities
Vulnerable Software
Dedecms:  >> Dedecms  >> 5.7  Security Vulnerabilities
CVE-2024-2820
A vulnerability classified as problematic was found in DedeCMS 5.7. Affected by this vulnerability is an unknown functionality of the file /src/dede/baidunews.php. The manipulation of the argument filename leads to cross-site request forgery. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-257707. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
CVSS Score
4.3
EPSS Score
0.001
Published
2024-03-22
CVE-2024-2821
A vulnerability, which was classified as problematic, has been found in DedeCMS 5.7. Affected by this issue is some unknown functionality of the file /src/dede/friendlink_edit.php. The manipulation of the argument id leads to cross-site request forgery. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-257708. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
CVSS Score
4.3
EPSS Score
0.0
Published
2024-03-22
CVE-2024-28669
DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /dede/freelist_edit.php.
CVSS Score
5.4
EPSS Score
0.001
Published
2024-03-13
CVE-2024-28670
DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /dede/freelist_main.php.
CVSS Score
6.1
EPSS Score
0.001
Published
2024-03-13
CVE-2024-28671
DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /dede/stepselect_main.php.
CVSS Score
8.8
EPSS Score
0.005
Published
2024-03-13
CVE-2024-28672
DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /dede/media_edit.php.
CVSS Score
5.4
EPSS Score
0.001
Published
2024-03-13
CVE-2024-28673
DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /dede/mychannel_edit.php.
CVSS Score
8.8
EPSS Score
0.002
Published
2024-03-13
CVE-2024-28676
DedeCMS v5.7 was discovered to contain a cross-site scripting (XSS) vulnerability via /dede/article_edit.php.
CVSS Score
6.1
EPSS Score
0.003
Published
2024-03-13
CVE-2024-28677
DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /dede/article_keywords_main.php.
CVSS Score
6.1
EPSS Score
0.001
Published
2024-03-13
CVE-2024-28678
DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via the component /dede/article_description_main.php
CVSS Score
6.3
EPSS Score
0.001
Published
2024-03-13


Products
Pricing
Contact Us

Shodan ® - All rights reserved