Ewoji

**Name of the Vulnerable Software and Affected Versions** DedeCMS versions up to 5.7.2 **Description** A critical vulnerability was found in DedeCMS affecting the Template Handler component. The issue resides in some unknown processing of the file `/include/dedetag.class.php`. Manipulation of the argument notes leads to command injection, and the attack can be initiated remotely. The exploit has been disclosed to the public and may be used. **Recommendations** DedeCMS versions prior to 5.7.2: At the moment, there is no information about a newer version that contains a fix for this vulnerability.