A vulnerability was found in DedeCMS up to 5.7.106. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file uploads/dede/article_allowurl_edit.php. The manipulation of the argument allurls leads to code injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-230083.
References
Link | Resource |
---|---|
https://github.com/testwordpress123/cve/blob/main/dedecms.md | Broken Link |
https://vuldb.com/?ctiid.230083 | Third Party Advisory |
https://vuldb.com/?id.230083 | Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: VulDB
Published: 2023-05-27T09:31:02.849Z
Updated: 2023-10-23T07:18:15.711Z
Reserved: 2023-05-27T07:41:00.886Z
Link: CVE-2023-2928
JSON object: View
NVD Information
Status : Modified
Published: 2023-05-27T10:15:09.840
Modified: 2024-05-17T02:23:22.690
Link: CVE-2023-2928
JSON object: View
Redhat Information
No data.
CWE