
CVE-2024-2820 – DedeCMS baidunews.php cross-site request forgery
https://notcve.org/view.php?id=CVE-2024-2820
22 Mar 2024 — A vulnerability classified as problematic was found in DedeCMS 5.7. Affected by this vulnerability is an unknown functionality of the file /src/dede/baidunews.php. The manipulation of the argument filename leads to cross-site request forgery. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. • https://github.com/E1CHO/demo/blob/main/26.pdf • CWE-352: Cross-Site Request Forgery (CSRF) •

CVE-2024-28670
https://notcve.org/view.php?id=CVE-2024-28670
13 Mar 2024 — DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /dede/freelist_main.php. • https://github.com/777erp/cms/blob/main/9.md • CWE-352: Cross-Site Request Forgery (CSRF) •

CVE-2024-28678
https://notcve.org/view.php?id=CVE-2024-28678
13 Mar 2024 — DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via the component /dede/article_description_main.php. • https://github.com/777erp/cms/blob/main/15.md • CWE-352: Cross-Site Request Forgery (CSRF) •

CVE-2024-28432
https://notcve.org/view.php?id=CVE-2024-28432
13 Mar 2024 — DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via the component /dede/article_edit.php. • https://github.com/itsqian797/cms/blob/main/4.md • CWE-352: Cross-Site Request Forgery (CSRF) •

CVE-2024-28677
https://notcve.org/view.php?id=CVE-2024-28677
13 Mar 2024 — DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /dede/article_keywords_main.php. • https://github.com/777erp/cms/blob/main/14.md • CWE-352: Cross-Site Request Forgery (CSRF) •

CVE-2024-28666
https://notcve.org/view.php?id=CVE-2024-28666
13 Mar 2024 — DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via the component /dede/media_add.php. • https://github.com/777erp/cms/blob/main/2.md • CWE-352: Cross-Site Request Forgery (CSRF) •

CVE-2024-28671
https://notcve.org/view.php?id=CVE-2024-28671
13 Mar 2024 — DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /dede/stepselect_main.php. • https://github.com/777erp/cms/blob/main/7.md • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVE-2024-28431
https://notcve.org/view.php?id=CVE-2024-28431
13 Mar 2024 — DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via the component /dede/catalog_del.php. • https://github.com/itsqian797/cms/blob/main/3.md • CWE-352: Cross-Site Request Forgery (CSRF) •

CVE-2024-28675
https://notcve.org/view.php?id=CVE-2024-28675
13 Mar 2024 — DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /dede/diy_edit.php. • https://github.com/777erp/cms/blob/main/12.md • CWE-352: Cross-Site Request Forgery (CSRF) •

CVE-2024-28668
https://notcve.org/view.php?id=CVE-2024-28668
13 Mar 2024 — DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via the component /dede/mychannel_add.php. • https://github.com/777erp/cms/blob/main/5.md • CWE-918: Server-Side Request Forgery (SSRF) •