PT-2024-25462 · Dedecms · Dedecms

Qiangeg · Published 2024-05-06 · Updated 2024-08-14 · CVE-2024-33749

CVSS v3.1: 9.1 (Critical)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
Name of the Vulnerable Software and Affected Versions: DedeCMS version 5.7.114

Description: The vulnerability allows an attacker to delete arbitrary files through the "mail file manage.php" script, which can lead to significant data loss or compromise of the system. A Denial of Service (DoS) condition is also mentioned, since the deletion can cause the system to crash. To prevent such crashes, the suggested approach is to locate the affected function, analyze its code, and add input validation and error handling.

Recommendations: For DedeCMS version 5.7.114, update to a patched version if one is available. As a temporary workaround, restrict access to the "mail file manage.php" script to minimize the risk of exploitation. Apply input validation and error handling to prevent crashes.

Weakness Enumeration: Improper Authorization

Related Identifiers: CVE-2024-33749

Affected Products: Dedecms