CVE List

CVE-2023-27707

Critical 7.2

SQL injection vulnerability found in DedeCMS v.5.7.106 allows a remote attacker to execute arbitrary code via the rank_* parameter in the /dede/group_store.php endpoint.

Published March 16, 2023.

Affected software

Get alerts for Dedecms Dedecms

Reference links