CVE-2024-30855

High CVSS: 8.8

DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /src/dede/makehtml_list_action.php.

Vendor

Product

CWE

Yayın Tarihi

2025-12-29 20:15:41

Güncelleme

2026-01-02 13:43:49

Source Identifier

cve@mitre.org

KEV Date Added

CWE-352 Dedecms HIGH Dedecms 2025

https://gist.github.com/Limingqian123/e90a1b86c02bd83d4ab07c08cad9a629 https://github.com/Limingqian123/cms/blob/main/1.md https://github.com/Limingqian123/cms/blob/main/1.md

Critical

CVE-2026-30643

An issue was discovered in DedeCMS 5.7.118 allowing attackers to execute code via crafted setup tag values in a module u…

High

CVE-2026-29839

DedeCMS v5.7.118 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability in /sys_task_add.php.

Critical

CVE-2026-30694

An issue in DedeCMS v.5.7.118 and before allows a remote attacker to execute arbitrary code via the array_filter compone…

Medium

CVE-2025-15004

A vulnerability was identified in DedeCMS up to 5.7.118. This impacts an unknown function of the file /freelist_main.php…

Medium

CVE-2025-6335

A vulnerability was found in DedeCMS up to 5.7.2 and classified as critical. This issue affects some unknown processing…

Medium

CVE-2025-5137

A vulnerability was found in DedeCMS 5.7.117. It has been classified as critical. Affected is an unknown function of the…