CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-28665
https://notcve.org/view.php?id=CVE-2024-28665
13 Mar 2024 — DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via the component /dede/article_add.php Se descubrió que DedeCMS v5.7 contiene una vulnerabilidad de Cross-Site Request Forgery (CSRF) a través del componente /dede/article_add.php • https://github.com/777erp/cms/blob/main/1.md • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-28667
https://notcve.org/view.php?id=CVE-2024-28667
13 Mar 2024 — DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via the component /dede/templets_one_edit.php Se descubrió que DedeCMS v5.7 contiene una vulnerabilidad de Cross-Site Request Forgery (CSRF) a través del componente /dede/templets_one_edit.php • https://github.com/777erp/cms/blob/main/6.md • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-28684
https://notcve.org/view.php?id=CVE-2024-28684
13 Mar 2024 — DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via the component /dede/module_main.php Se descubrió que DedeCMS v5.7 contiene una vulnerabilidad de Cross-Site Request Forgery (CSRF) a través del componente /dede/module_main.php • https://github.com/777erp/cms/blob/main/16.md • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2024-28683
https://notcve.org/view.php?id=CVE-2024-28683
13 Mar 2024 — DedeCMS v5.7 was discovered to contain a cross-site scripting (XSS) vulnerability via create file. Se descubrió que DedeCMS v5.7 contiene una vulnerabilidad de Cross Site Scripting (XSS) mediante la creación de un archivo. • https://github.com/777erp/cms/blob/main/20.md • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2024-28676
https://notcve.org/view.php?id=CVE-2024-28676
13 Mar 2024 — DedeCMS v5.7 was discovered to contain a cross-site scripting (XSS) vulnerability via /dede/article_edit.php. Se descubrió que DedeCMS v5.7 contiene una vulnerabilidad de Cross Site Scripting (XSS) a través de /dede/article_edit.php. • https://github.com/777erp/cms/blob/main/18.md • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-28682
https://notcve.org/view.php?id=CVE-2024-28682
13 Mar 2024 — DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /dede/sys_cache_up.php. Se descubrió que DedeCMS v5.7 contiene una vulnerabilidad de Cross-Site Request Forgery (CSRF) a través de /dede/sys_cache_up.php. • https://github.com/777erp/cms/blob/main/13.md • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-28669
https://notcve.org/view.php?id=CVE-2024-28669
13 Mar 2024 — DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /dede/freelist_edit.php. Se descubrió que DedeCMS v5.7 contiene una vulnerabilidad de Cross-Site Request Forgery (CSRF) a través de /dede/freelist_edit.php. • https://github.com/777erp/cms/blob/main/10.md • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-28680
https://notcve.org/view.php?id=CVE-2024-28680
13 Mar 2024 — DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /dede/diy_add.php. Se descubrió que DedeCMS v5.7 contiene una vulnerabilidad de Cross-Site Request Forgery (CSRF) a través de /dede/diy_add.php. • https://github.com/777erp/cms/blob/main/11.md • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-28430
https://notcve.org/view.php?id=CVE-2024-28430
13 Mar 2024 — DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via the component /dede/catalog_edit.php. Se descubrió que DedeCMS v5.7 contiene una vulnerabilidad de Cross-Site Request Forgery (CSRF) a través del componente /dede/catalog_edit.php. • https://github.com/itsqian797/cms/blob/main/1.md • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-28681
https://notcve.org/view.php?id=CVE-2024-28681
13 Mar 2024 — DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /dede/plus_edit.php. Se descubrió que DedeCMS v5.7 contiene una vulnerabilidad de Cross-Site Request Forgery (CSRF) a través de /dede/plus_edit.php. • https://github.com/777erp/cms/blob/main/17.md • CWE-352: Cross-Site Request Forgery (CSRF) •