A file uploading vulnerability exists in /include/helpers/upload.helper.php in DedeCMS V5.7 SP2, which can be utilized by attackers to upload and execute arbitrary PHP code via the. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
File Upload
PHP
Dedecms
NVD
GitHub
CVSS 3.0
9.8
EPSS
1.2%
An issue was discovered in phpLiteAdmin 1.9.5 through 1.9.7.1. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Authentication Bypass
PHP
Phpliteadmin
NVD
GitHub
CVSS 3.0
9.8
EPSS
1.5%