CVE-2024-35375

There is an arbitrary file upload vulnerability on the media add .php page in the backend of the website in version 5.7.114 of DedeCMS
Configurations

Configuration 1 (hide)

cpe:2.3:a:dedecms:dedecms:5.7.114:*:*:*:*:*:*:*

History

01 Apr 2025, 18:05

Type Values Removed Values Added
References () http://shtaoism.com/ - () http://shtaoism.com/ - Broken Link
References () https://gist.github.com/Tsq741/a16015209fa8728d505c4f82b4f518cd - () https://gist.github.com/Tsq741/a16015209fa8728d505c4f82b4f518cd - Third Party Advisory
CPE cpe:2.3:a:dedecms:dedecms:5.7.114:*:*:*:*:*:*:*
First Time Dedecms
Dedecms dedecms

21 Nov 2024, 15:15

Type Values Removed Values Added
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 9.8
CWE CWE-434
Summary
  • (es) Existe una vulnerabilidad de carga de archivos arbitraria en la página .php de adición de medios en el backend del sitio web en la versión 5.7.114 de DedeCMS.
References () http://shtaoism.com/ - () http://shtaoism.com/ -
References () https://gist.github.com/Tsq741/a16015209fa8728d505c4f82b4f518cd - () https://gist.github.com/Tsq741/a16015209fa8728d505c4f82b4f518cd -

23 May 2024, 19:16

Type Values Removed Values Added
New CVE

Information

Published : 2024-05-23 19:16

Updated : 2025-04-01 18:05


NVD link : CVE-2024-35375

Mitre link : CVE-2024-35375

CVE.ORG link : CVE-2024-35375


JSON object : View

Products Affected

dedecms

  • dedecms
CWE
CWE-434

Unrestricted Upload of File with Dangerous Type