5 matches found
EUVD-2025-38271
A vulnerability was determined in DedeBIZ up to 6.3.2. Affected by this vulnerability is an unknown functionality of the file /admin/specadd.php. This manipulation of the argument flags causes sql injection. The attack is possible to be carried out remotely. The exploit has been publicly disclose...
CVE-2025-12861
A vulnerability was determined in DedeBIZ up to 6.3.2. Affected by this vulnerability is an unknown functionality of the file /admin/specadd.php. This manipulation of the argument flags causes sql injection. The attack is possible to be carried out remotely. The exploit has been publicly disclose...
CVE-2025-12861
A vulnerability was determined in DedeBIZ up to 6.3.2. Affected by this vulnerability is an unknown functionality of the file /admin/specadd.php. This manipulation of the argument flags causes sql injection. The attack is possible to be carried out remotely. The exploit has been publicly disclose...
CVE-2025-12861
CVE-2025-12861 affects DedeBIZ up to version 6.3.2. The vulnerability resides in /admin/spec_add.php, where manipulation of the flags[] parameter enables SQL injection. Exploitation is remote and public. Remediation: update to a fixed version (6.3.2+ or later) or apply vendor-provided mitigations.
PT-2025-45465
Name of the Vulnerable Software and Affected Versions DedeBIZ versions up to 6.3.2 Description A flaw exists in DedeBIZ that allows for remote SQL injection. This issue is related to the manipulation of the flags argument within the /admin/spec add.php file. The exploit for this issue has been...