CNNVD-202511-772 Information

CNNVD ID

CNNVD-202511-772

Related CVE

CVE-2025-12859

• CNNVD Published: 2025-11-07

Description (Chinese)

DedeBIZ是中国穆云智能（DedeBIZ）公司的一个内容管理系统。 DedeBIZ 6.3.2及之前版本存在安全漏洞，该漏洞源于对文件/admin/templets_one_edit.php中参数ids的错误操作，可能导致SQL注入攻击。

Description (English)

DedeBIZ is a content management system for DedeBIZ in China. DedeBIZ 6.3.2 and previous versions contained a security loophole, which resulted from the wrong operation of the parameter ids in the document/admin/templets one edit.php, which could lead to an SQL injection attack.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

穆云智能

Published

2025-11-07

Last Modified

2026-02-24

References

https://github.com/ZZCTD/zz_test/issues/1 https://vuldb.com/?ctiid.331506 https://vuldb.com/?id.331506 https://vuldb.com/?submit.679106 https://access.redhat.com/security/cve/cve-2025-12859

Patch

https://www.dedebiz.com/download