DedeCMS 5.7 path disclosure

By
Jijith Rajan
Published on
10 Jan 2022
Vulnerability

Description

DedeCMS 5.7 allows remote attackers to discover the full path via a direct request to include/downmix.inc.php or inc/inc_archives_functions.php

Recommendations

  • Update DedeCMS to the latest version

Written by
Jijith Rajan
Jijith Rajan
Cyber Security Engineer
Experience the Beagle Security platform
Unlock one full penetration test and all Advanced plan features free for 10 days