CVSS 3.1 Score 6.3 of 10 (medium)


Published Apr 2, 2024


A critical vulnerability, identified as CVE-2024-3148, has been discovered in DedeCMS 5.7.112. The vulnerability affects the file dede/makehtml_archives_action.php and can be exploited through remote means. It allows for SQL injection attacks that can potentially compromise the security of the affected system. The exploit has been made public and is available for use. Although the vendor was informed about this vulnerability, they did not respond. The associated identifier for this vulnerability is VDB-258923.

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2024-3148 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options