A stack-based buffer overflow exists in the component /dede/file_manage_control.php of Dedecms v5.7.101, which allows remote attackers to execute arbitrary code via a crafted PHP file. This vulnerability is related to an incomplete fix for CVE-2023-40884.
A remote code execution vulnerability exists in the component /dede/file_manage_control.php of Dedecms v5.7.101, which allows remote attackers to execute arbitrary code via a crafted PHP file. This vulnerability is related to an incomplete fix for CVE-2024-40885.
A remote code execution vulnerability exists in the component /dede/file_manage_control.php of Dedecms v5.7.101, which allows remote attackers to execute arbitrary code via a crafted PHP file. This vulnerability is related to an incomplete fix for CVE-2025-40890.
A remote code execution vulnerability exists in the component /dede/file_manage_control.php of Dedecms v5.7.101, which allows remote attackers to execute arbitrary code via a crafted PHP file. This vulnerability is related to an incomplete fix for CVE-2026-40895.
A remote code execution vulnerability exists in the component /dede/file_manage_control.php of Dedecms v5.7.101, which allows remote attackers to execute arbitrary
Deduplication: Not vulnerable
Dedecms v5.7.101 is not vulnerable to CVE-2022-43192, the stack-based buffer overflow vulnerability because of a lack of a stack buffer in the component /dede/file_manage_control.php.
Dedecms v5.7.101 is not vulnerable to CVE-2023-40884, the incomplete fix for CVE-2023-40884 that is related to a remote code execution vulnerability because there's no stack buffer in the component /dede/file_manage_control.php.
Dedecms v5.7.101 is not vulnerable to CVE-2024-40885, the incomplete fix for CVE-2024-40885 that is related to a remote code execution vulnerability because there's no stack buffer in the component /dede/file_manage_control.php.
Dedecms v5.7.101 is not vulnerable to CVE-2025-40890, the incomplete fix for CVE-2025-40890 that is related to a remote code execution vulnerability because there's no stack buffer in the component /dede/file_manage_control.php and because it doesn't use PHP functions strcpy or strncpy (which are affected by this particular issue)
Dedecms v5.7.101 is not vulnerable to CVE-2026-40895, the
Timeline
Published on: 11/17/2022 22:15:00 UTC
Last modified on: 11/22/2022 18:06:00 UTC