CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-28671
https://notcve.org/view.php?id=CVE-2024-28671
13 Mar 2024 — DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /dede/stepselect_main.php. Se descubrió que DedeCMS v5.7 contiene una vulnerabilidad de Cross-Site Request Forgery (CSRF) a través de /dede/stepselect_main.php. • https://github.com/777erp/cms/blob/main/7.md • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-28678
https://notcve.org/view.php?id=CVE-2024-28678
13 Mar 2024 — DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via the component /dede/article_description_main.php Se descubrió que DedeCMS v5.7 contiene una vulnerabilidad de Cross-Site Request Forgery (CSRF) a través del componente /dede/article_description_main.php • https://github.com/777erp/cms/blob/main/15.md • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-28665
https://notcve.org/view.php?id=CVE-2024-28665
13 Mar 2024 — DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via the component /dede/article_add.php Se descubrió que DedeCMS v5.7 contiene una vulnerabilidad de Cross-Site Request Forgery (CSRF) a través del componente /dede/article_add.php • https://github.com/777erp/cms/blob/main/1.md • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-28669
https://notcve.org/view.php?id=CVE-2024-28669
13 Mar 2024 — DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /dede/freelist_edit.php. Se descubrió que DedeCMS v5.7 contiene una vulnerabilidad de Cross-Site Request Forgery (CSRF) a través de /dede/freelist_edit.php. • https://github.com/777erp/cms/blob/main/10.md • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-28680
https://notcve.org/view.php?id=CVE-2024-28680
13 Mar 2024 — DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /dede/diy_add.php. Se descubrió que DedeCMS v5.7 contiene una vulnerabilidad de Cross-Site Request Forgery (CSRF) a través de /dede/diy_add.php. • https://github.com/777erp/cms/blob/main/11.md • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2024-28683
https://notcve.org/view.php?id=CVE-2024-28683
13 Mar 2024 — DedeCMS v5.7 was discovered to contain a cross-site scripting (XSS) vulnerability via create file. Se descubrió que DedeCMS v5.7 contiene una vulnerabilidad de Cross Site Scripting (XSS) mediante la creación de un archivo. • https://github.com/777erp/cms/blob/main/20.md • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-28673
https://notcve.org/view.php?id=CVE-2024-28673
13 Mar 2024 — DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /dede/mychannel_edit.php. Se descubrió que DedeCMS v5.7 contiene una vulnerabilidad de Cross-Site Request Forgery (CSRF) a través de /dede/mychannel_edit.php. • https://github.com/777erp/cms/blob/main/4.md • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-28429
https://notcve.org/view.php?id=CVE-2024-28429
13 Mar 2024 — DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via the component /dede/archives_do.php Se descubrió que DedeCMS v5.7 contiene una vulnerabilidad de Cross-Site Request Forgery (CSRF) a través del componente /dede/archives_do.php • https://github.com/itsqian797/cms/blob/main/2.md • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-28682
https://notcve.org/view.php?id=CVE-2024-28682
13 Mar 2024 — DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /dede/sys_cache_up.php. Se descubrió que DedeCMS v5.7 contiene una vulnerabilidad de Cross-Site Request Forgery (CSRF) a través de /dede/sys_cache_up.php. • https://github.com/777erp/cms/blob/main/13.md • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-28432
https://notcve.org/view.php?id=CVE-2024-28432
13 Mar 2024 — DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via the component /dede/article_edit.php. Se descubrió que DedeCMS v5.7 contiene una vulnerabilidad de Cross-Site Request Forgery (CSRF) a través del componente /dede/article_edit.php. • https://github.com/itsqian797/cms/blob/main/4.md • CWE-352: Cross-Site Request Forgery (CSRF) •