Tsq741

**Name of the Vulnerable Software and Affected Versions** DedeCMS version 5.7.114 **Description** The issue concerns an arbitrary file upload vulnerability located on the media add .php page in the backend of the website. **Recommendations** For version 5.7.114, consider restricting access to the media add .php page in the backend until a patch is available. As a temporary workaround, avoid using the media upload functionality to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.