Dedecms: >> Dedecms >> 5.7.87 Security Vulnerabilities
SQL injection vulnerability found in DedeCMS v.5.7.106 allows a remote attacker to execute arbitrary code via the rank_* parameter in the /dedestory_catalog.php endpoint.
CVSS Score
7.2
EPSS Score
0.016
Published
2023-03-16
dedecms <=V5.7.102 is vulnerable to SQL Injection. In sys_ sql_ n query.php there are no restrictions on the sql query.
CVSS Score
9.8
EPSS Score
0.003
Published
2022-12-27
DedeCMS v5.7.87 was discovered to contain a SQL injection vulnerability in article_coonepage_rule.php via the ids parameter.
CVSS Score
9.8
EPSS Score
0.102
Published
2022-02-14
Page 3