favicon
DedeCMS

CPE Prefix

General information

Website
Description
Domestic professional PHP website content management system-Dream Weaving Content Management System
Organization
Repository
Versions Page
Release Date

Domains using this technology

40.2K
Domain
Security Score
Security Score analyzes found vulnerabilities and indicates a lower or higher risk level of the potential attacks.
Site Title
DNS A record
4657rvl.sweety2000.com favicon
4657rvl.sweety2000.com
200
OK
Low
100 / 100 - Low security risk
黄精灵芝蹄筋汤网
-
-
ywc8n.xsyfw.com favicon
ywc8n.xsyfw.com
200
OK
Low
100 / 100 - Low security risk
恩德如山网
-
-
u5z.hzyunruo.com favicon
u5z.hzyunruo.com
200
OK
Low
100 / 100 - Low security risk
公女乱小说合集,公女乱小说合集 新闻,公女乱小说合集小雄,公女乱小说合集TXT
-
-
jern4.amherstpharmaceuticals.com favicon
jern4.amherstpharmaceuticals.com
200
OK
Low
100 / 100 - Low security risk
火烛银花网
-
-

IPv4 hosts using this technology

715
IP
Security Score
Security Score analyzes found vulnerabilities and indicates a lower or higher risk level of the potential attacks.
Open Ports
Hosted domains
Country
Severe
25 / 100 - Severe security risk
6
Medium
50 / 100 - Medium security risk
4
Elevated
60 / 100 - Elevated security risk
5
Low
100 / 100 - Low security risk
1

Known vulnerabilities

36
CVE ID
Severity
Description
MEDIUM
A file upload issue exists in DeDeCMS before 5.7-sp1, which allows malicious users getshell.
HIGH
DedeCMS through 5.7 has SQL Injection via the logo parameter to plus/flink_add.php.
MEDIUM
DedeCMS through 5.6 allows arbitrary file upload and PHP code execution by embedding the PHP code in a .jpg file, which is used in the templet parameter to member/article_edit.php.
MEDIUM
Reflected XSS exists in DedeCMS 5.7 SP2 via the /member/pm.php folder parameter.