CVE-2023-27709
- Reference to the description:
- Description:
- SQL injection vulnerability found in DedeCMS v.5.7.106 allows a remote attacker to execute arbitrary code via the rank_* parameter in the /dedestory_catalog.php endpoint.
- Last updated date:
- 03/22/2023
- Type:
- exploit
- Confidence:
- HIGH
- Date of publishing:
- 03/22/2023
- Reference url to background
https://srpopty.github.io/2023/02/27/DedeCMS-V5.7.160-Backend-SQLi-story/