Vulnerabilities (CVE)

Filtered by vendor Dedecms
Filtered by product Dedecms
Total 61 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3
CVE-2010-1097 | 1 Dedecms | 1 Dedecms | 2010-12-13 | 6.8 MEDIUM | N/A
include/userlogin.class.php in DeDeCMS 5.5 GBK, when session.auto_start is enabled, allows remote attackers to bypass authentication and gain administrative access via a value of 1 for the _SESSION[dede_admin_id] parameter, as demonstrated by a request to uploads/include/dialog/select_soft_post.php.