CVE-2025-12860 | DedeBIZ up to 6.3.2 /admin/freelist_main.php orderby sql injection

A vulnerability classified as critical was found in DedeBIZ up to 6.3.2. Affected is an unknown function of the file /admin/freelist_main.php. The manipulation of the argument orderby results in sql injection.

This vulnerability is identified as CVE-2025-12860. The attack can be executed remotely. Additionally, an exploit exists.VulDB Recent EntriesRead More