CVE-2024-28429

MEDIUM Year: 2024
CVSS v3 Score
5.5
Medium
Weakness Type
CWE-352
View all →

Vulnerability Description

DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via the component /dede/archives_do.php

Related Vulnerabilities

CVE-2017-0045

MEDIUM
CVSS:5.5(Medium)

Windows DVD Maker in Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, and Windows Vista SP2 does not properly parse crafted .msdvd files, which allows attackers to obtain information to compromise a...

CWE-3522017

CVE-2023-7229

MEDIUM
CVSS:5.5(Medium)

The illi Link Party! WordPress plugin through 1.0 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack.

CWE-3522023

CVE-2024-28666

MEDIUM
CVSS:5.5(Medium)

DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via the component /dede/media_add.php

CWE-3522024

CVE-2024-30946

MEDIUM
CVSS:5.5(Medium)

DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /src/dede/co_do.php.

CWE-3522024

CVE-2024-35557

MEDIUM
CVSS:5.5(Medium)

idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/vpsApi_deal.php?mudi=rev&nohrefStr=close.

CWE-3522024