CVE-2026-10581 | DedeCMS 5.7.88 download.php?open=1 base64_decode Link server-side request forgery

A vulnerability was found in DedeCMS 5.7.88. It has been rated as critical. Affected by this vulnerability is the function base64_decode of the file /plus/download.php?open=1. This manipulation of the argument Link causes server-side request forgery.

This vulnerability is registered as CVE-2026-10581. Remote exploitation of the attack is possible. Furthermore, an exploit is available.VulDB Recent EntriesRead More