Loading market data...
← Back to CVE feed

CVE-2026-10606

HIGH CVSS 7.3 View on NVD ↗

Description

A vulnerability was determined in DedeCMS 5.7.88. The affected element is the function TrimMsg of the file /plus/feedback.php of the component Feedback Handler. Executing a manipulation of the argument msg can lead to sql injection. The attack can be launched remotely. The exploit has been publicly disclosed and may be utilized.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Published: Jun 02, 2026 17:16 UTC Modified: Jun 02, 2026 20:16 UTC