PT-2023-32032 · Dedecms · Dedecms
Published
2023-10-05
·
Updated
2023-10-07
·
CVE-2023-5312
None
No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.
Name of the Vulnerable Software and Affected Versions
DedeCMS version 5.7.111
Description
A critical issue has been found in DedeCMS, affecting an unknown function of the file baidunews.php. The manipulation leads to unrestricted upload.
Recommendations
For DedeCMS version 5.7.111, consider restricting access to the baidunews.php file until a patch is available. As a temporary workaround, avoid using the file baidunews.php to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Dedecms