Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

DedeCMS — Vulnerabilities & Security Advisories 42

All 42 CVE vulnerabilities found in DedeCMS, with AI-generated Chinese analysis, references, and POCs.

Vendor: n/a

CVE IDTitleCVSSSeverityPublished
CVE-2025-15004 DedeCMS freelist_main.php sql injection CWE-89 6.3 Medium2025-12-22
CVE-2025-6335 DedeCMS Template dedetag.class.php command injection CWE-77 4.7 Medium2025-06-20
CVE-2025-5137 DedeCMS Incomplete Fix CVE-2018-9175 sys_verifies.php code injection CWE-94 4.7 Medium2025-05-25
CVE-2024-12183 DedeCMS HTTP POST Request carbuyaction.php RemoveXSS cross site scripting CWE-79 3.5 Low2024-12-04
CVE-2024-12182 DedeCMS soft_add.php cross site scripting CWE-79 3.5 Low2024-12-04
CVE-2024-12181 DedeCMS SWF File uploads_add.php cross site scripting CWE-79 3.5 Low2024-12-04
CVE-2024-12180 DedeCMS article_add.php cross site scripting CWE-79 3.5 Low2024-12-04
CVE-2024-11138 DedeCMS friendlink_add.php unrestricted upload CWE-434 2.7 Low2024-11-12
CVE-2024-9076 DedeCMS article_string_mix.php os command injection CWE-78 4.7 Medium2024-09-22
CVE-2024-6940 DedeCMS article_template_rand.php code injection CWE-94 4.7 Medium2024-07-21
CVE-2024-4790 DedeCMS path traversal CWE-24 4.3 Medium2024-05-11
CVE-2024-4594 DedeCMS sys_safe.php cross-site request forgery CWE-352 4.3 Medium2024-05-07
CVE-2024-4593 DedeCMS sys_multiserv.php cross-site request forgery CWE-352 4.3 Medium2024-05-07
CVE-2024-4592 DedeCMS sys_group_edit.php cross-site request forgery CWE-352 4.3 Medium2024-05-07
CVE-2024-4591 DedeCMS sys_group_add.php cross-site request forgery CWE-352 4.3 Medium2024-05-07
CVE-2024-4590 DedeCMS sys_info.php cross-site request forgery CWE-352 4.3 Medium2024-05-07
CVE-2024-4589 DedeCMS mytag_edit.php cross-site request forgery CWE-352 4.3 Medium2024-05-07
CVE-2024-4588 DedeCMS mytag_add.php cross-site request forgery CWE-352 4.3 Medium2024-05-07
CVE-2024-4587 DedeCMS tpl.php cross-site request forgery CWE-352 4.3 Medium2024-05-07
CVE-2024-4586 DedeCMS shops_delivery.php cross-site request forgery CWE-352 4.3 Medium2024-05-07
CVE-2024-4585 DedeCMS member_type.php cross-site request forgery CWE-352 4.3 Medium2024-05-07
CVE-2024-3686 DedeCMS update_guide.php path traversal CWE-24 4.3 Medium2024-04-12
CVE-2024-3685 DedeCMS stepselect_main.php sql injection CWE-89 6.3 Medium2024-04-12
CVE-2024-3148 DedeCMS makehtml_archives_action.php sql injection CWE-89 6.3 Medium2024-04-02
CVE-2024-3147 DedeCMS makehtml_map.php cross-site request forgery CWE-352 4.3 Medium2024-04-02
CVE-2024-3146 DedeCMS makehtml_rss_action.php cross-site request forgery CWE-352 4.3 Medium2024-04-02
CVE-2024-3145 DedeCMS makehtml_js_action.php cross-site request forgery CWE-352 4.3 Medium2024-04-02
CVE-2024-3144 DedeCMS makehtml_spec.php cross-site request forgery CWE-352 4.3 Medium2024-04-02
CVE-2024-3143 DedeCMS member_rank.php cross-site request forgery CWE-352 4.3 Medium2024-04-02
CVE-2024-2823 DedeCMS mda_main.php cross-site request forgery CWE-352 4.3 Medium2024-03-22

All 42 known CVE vulnerabilities affecting DedeCMS with full Chinese analysis, references, and POCs where available.