Vulnerability Database

309,237

Total vulnerabilities in the database

CVE-2024-28666

DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via the component /dede/media_add.php

  • Published: Mar 13, 2024
  • Updated: Nov 16, 2025
  • CVE: CVE-2024-28666
  • Severity: Medium
  • Exploit:

CVSS v3:

  • Severity: Medium
  • Score: 5.5
  • AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L

CWEs:

Software From Fixed in
dedecms / dedecms 5.7 5.7.x