PT-2026-57627 · Undefined · Undefined

Dunkboy

·

Published

2026-07-13

·

Updated

2026-07-13

·

CVE-2026-15533

CVSS v2.0

5.8

Medium

VectorAV:N/AC:L/Au:M/C:P/I:P/A:P
A security flaw has been discovered in DedeCMS 5.7.118. Impacted is an unknown function of the file /plus/search.php of the component Column Management. Performing a manipulation of the argument Column Name results in code injection. The attack is possible to be carried out remotely. The exploit has been released to the public and may be used for attacks.

Exploit

Fix

Special Elements Injection

Code Injection

Found an issue in the description? Have something to add? Feel free to write us 👾

Weakness Enumeration

Related Identifiers

CVE-2026-15533

Affected Products

Undefined