HomePentest-Tools.com Logo

DedeCMS 5.x SQL Injection Vulnerability CVE-2023-27709

Severity
CVSSv3 Score
7.2
Vulnerability description

DedeCMS is prone to an SQL injection vulnerability.

Risk description

An SQL injection vulnerability allows a remote attacker to execute arbitrary code via the rank_* parameter in the /dede/story_catalog.php endpoint.

Recommendation

No known solution is available as of 17th March, 2023. Information regarding this issue will be updated once solution details are available.

Codename
Not available
Detectable with
Network Scanner
Scan engine
OpenVAS
Exploitable with Sniper
No
CVE Published
Mar 16, 2023
Detection added at
Software Type
Not available
Vendor
Not available
Product
Not available