Dedecms: >> Dedecms >> 5.7 Security Vulnerabilities
The plus/search.php component in DedeCMS 5.7 SP2 allows remote attackers to execute arbitrary PHP code via the typename parameter because the contents of typename.inc are under an attacker's control.
CVSS Score
8.8
EPSS Score
0.002
Published
2021-08-24
SQL Injection vulnerability in DedeCMS 5.7 via mdescription parameter to member/ajax_membergroup.php.
CVSS Score
9.8
EPSS Score
0.009
Published
2021-06-16
A XSS Vulnerability in /uploads/dede/action_search.php in DedeCMS V5.7 SP2 allows an authenticated user to execute remote arbitrary code via the keyword parameter.
CVSS Score
5.4
EPSS Score
0.004
Published
2021-05-15
DedeCMS V5.7 SP2 contains a CSRF vulnerability that allows a remote attacker to send a malicious request to to the web manager allowing remote code execution.
CVSS Score
8.8
EPSS Score
0.004
Published
2021-05-15
A file upload issue exists in DeDeCMS before 5.7-sp1, which allows malicious users getshell.
CVSS Score
8.8
EPSS Score
0.385
Published
2020-01-06
In DedeCMS 5.7SP2, member/resetpassword.php allows remote authenticated users to reset the passwords of arbitrary users via a modified id parameter, because the key parameter is not properly validated.
CVSS Score
6.5
EPSS Score
0.001
Published
2019-03-24
In DedeCMS 5.7SP2, attackers can upload a .php file to the uploads/ directory (without being blocked by the Web Application Firewall), and then execute this file, via this sequence of steps: visiting the management page, clicking on the template, clicking on Default Template Management, clicking on New Template, and modifying the filename from ../index.html to ../index.php.
CVSS Score
8.8
EPSS Score
0.244
Published
2019-02-19
DedeCMS through V5.7SP2 allows arbitrary file upload in dede/album_edit.php or dede/album_add.php, as demonstrated by a dede/album_edit.php?dopost=save&formzip=1 request with a ZIP archive that contains a file such as "1.jpg.php" (because input validation only checks that .jpg, .png, or .gif is present as a substring, and does not otherwise check the file name or content).
CVSS Score
7.5
EPSS Score
0.002
Published
2019-02-16
uploads/include/dialog/select_soft.php in DedeCMS V57_UTF8_SP2 allows remote attackers to execute arbitrary PHP code by uploading with a safe file extension and then renaming with a mixed-case variation of the .php extension, as demonstrated by the 1.pHP filename.
CVSS Score
8.8
EPSS Score
0.009
Published
2019-01-15
An issue was discovered in DedeCMS V5.7 SP2. uploads/include/dialog/select_images_post.php allows remote attackers to upload and execute arbitrary PHP code via a double extension and a modified ".php" substring, in conjunction with the image/jpeg content type, as demonstrated by the filename=1.jpg.p*hp value.
CVSS Score
8.8
EPSS Score
0.696
Published
2018-12-13