CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-28431
https://notcve.org/view.php?id=CVE-2024-28431
13 Mar 2024 — DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via the component /dede/catalog_del.php. Se descubrió que DedeCMS v5.7 contiene una vulnerabilidad de Cross-Site Request Forgery (CSRF) a través del componente /dede/catalog_del.php. • https://github.com/itsqian797/cms/blob/main/3.md • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-28666
https://notcve.org/view.php?id=CVE-2024-28666
13 Mar 2024 — DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via the component /dede/media_add.php Se descubrió que DedeCMS v5.7 contiene una vulnerabilidad de Cross-Site Request Forgery (CSRF) a través del componente /dede/media_add.php • https://github.com/777erp/cms/blob/main/2.md • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-28670
https://notcve.org/view.php?id=CVE-2024-28670
13 Mar 2024 — DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /dede/freelist_main.php. Se descubrió que DedeCMS v5.7 contiene una vulnerabilidad de Cross-Site Request Forgery (CSRF) a través de /dede/freelist_main.php. • https://github.com/777erp/cms/blob/main/9.md • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2024-28676
https://notcve.org/view.php?id=CVE-2024-28676
13 Mar 2024 — DedeCMS v5.7 was discovered to contain a cross-site scripting (XSS) vulnerability via /dede/article_edit.php. Se descubrió que DedeCMS v5.7 contiene una vulnerabilidad de Cross Site Scripting (XSS) a través de /dede/article_edit.php. • https://github.com/777erp/cms/blob/main/18.md • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-28667
https://notcve.org/view.php?id=CVE-2024-28667
13 Mar 2024 — DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via the component /dede/templets_one_edit.php Se descubrió que DedeCMS v5.7 contiene una vulnerabilidad de Cross-Site Request Forgery (CSRF) a través del componente /dede/templets_one_edit.php • https://github.com/777erp/cms/blob/main/6.md • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-28675
https://notcve.org/view.php?id=CVE-2024-28675
13 Mar 2024 — DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /dede/diy_edit.php Se descubrió que DedeCMS v5.7 contiene una vulnerabilidad de Cross-Site Request Forgery (CSRF) a través de /dede/diy_edit.php • https://github.com/777erp/cms/blob/main/12.md • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-28684
https://notcve.org/view.php?id=CVE-2024-28684
13 Mar 2024 — DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via the component /dede/module_main.php Se descubrió que DedeCMS v5.7 contiene una vulnerabilidad de Cross-Site Request Forgery (CSRF) a través del componente /dede/module_main.php • https://github.com/777erp/cms/blob/main/16.md • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-28681
https://notcve.org/view.php?id=CVE-2024-28681
13 Mar 2024 — DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /dede/plus_edit.php. Se descubrió que DedeCMS v5.7 contiene una vulnerabilidad de Cross-Site Request Forgery (CSRF) a través de /dede/plus_edit.php. • https://github.com/777erp/cms/blob/main/17.md • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-28430
https://notcve.org/view.php?id=CVE-2024-28430
13 Mar 2024 — DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via the component /dede/catalog_edit.php. Se descubrió que DedeCMS v5.7 contiene una vulnerabilidad de Cross-Site Request Forgery (CSRF) a través del componente /dede/catalog_edit.php. • https://github.com/itsqian797/cms/blob/main/1.md •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-28677
https://notcve.org/view.php?id=CVE-2024-28677
13 Mar 2024 — DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /dede/article_keywords_main.php. Se descubrió que DedeCMS v5.7 contiene una vulnerabilidad de Cross-Site Request Forgery (CSRF) a través de /dede/article_keywords_main.php. • https://github.com/777erp/cms/blob/main/14.md • CWE-352: Cross-Site Request Forgery (CSRF) •