| पदवी | DedeBIZ CMS v6.3.2 archives_add.php SQL Injection |
|---|
| वर्णन | SQL Injection Vulnerability in DedeCMS archives_add.php File via flags[] Parameter
A critical sql injection vulnerability has been identified in DedeBIZ CMS version 6.3.2.The vulnerability is in admin/archives_add.php.In the document publishing function of DedeCMS, the archives_add.php file improperly handles the flags[] array parameter without adequate filtering and escaping, allowing attackers to perform SQL injection attacks by constructing malicious flags array parameters. An immediate remedy is recommended, To protect the system from potential attacks. |
|---|
| उगम | ⚠️ https://github.com/ZZCTD/zz_test/issues/4 |
|---|
| उपयोगकर्ता | ZZCTD (UID 89357) |
|---|
| आधीनता | 24/10/2025 04:09 AM (4 महिने ago) |
|---|
| नेमस्तपणा | 09/11/2025 08:00 AM (16 days later) |
|---|
| स्थान | मान्य केले |
|---|
| VulDB entry | 331647 [DedeBIZ जोपर्यंत 6.3.2 /admin/archives_add.php flags[] एसक्यूएल इंजेक्शन] |
|---|
| मुद्दे | 20 |
|---|