A vulnerability has been found in DedeCMS 5.7.112-UTF8 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file update_guide.php. The manipulation of the argument files leads to path traversal: '../filedir'. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-260473 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
History

Tue, 08 Apr 2025 16:45:00 +0000

Type Values Removed Values Added
First Time appeared Dedecms
Dedecms dedecms
Weaknesses CWE-22
CPEs cpe:2.3:a:dedecms:dedecms:5.7.112:*:*:*:*:*:*:*
Vendors & Products Dedecms
Dedecms dedecms

cve-icon MITRE

Status: PUBLISHED

Assigner: VulDB

Published:

Updated: 2024-08-15T15:44:09.447Z

Reserved: 2024-04-12T06:40:40.895Z

Link: CVE-2024-3686

cve-icon Vulnrichment

Updated: 2024-08-01T20:20:01.013Z

cve-icon NVD

Status : Analyzed

Published: 2024-04-12T14:15:08.003

Modified: 2025-04-08T16:29:52.190

Link: CVE-2024-3686

cve-icon Redhat

No data.