EUVD-2025-203288

A security vulnerability has been detected in DedeBIZ up to 6.5.9. Affected by this vulnerability is an unknown functionality of the file /src/admin/catalogadd.php. Such manipulation leads to command injection. It is possible to launch the attack remotely. The exploit has been disclosed publicly...

CVE-2023-43275

Cross-Site Request Forgery CSRF vulnerability in DedeCMS v5.7 in 110 backend management interface via /catalogadd.php, allows attackers to create crafted web pages due to a lack of verification of the token value of the submitted form...