zzq66/cve

Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2023-43226. Reason: This candidate is a reservation duplicate of CVE-2023-43226. Notes: All CVE users should reference CVE-2023-43226 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.

An arbitrary file upload vulnerability in dede/baidunews.php in DedeCMS 5.7.111 and earlier allows attackers to execute arbitrary code via uploading a crafted PHP file.