CVE-2025-12861 | DedeBIZ up to 6.3.2 /admin/spec_add.php flags[] sql injection

A vulnerability, which was classified as critical, has been found in DedeBIZ up to 6.3.2. Affected by this vulnerability is an unknown functionality of the file /admin/spec_add.php. This manipulation of the argument flags[] causes sql injection.

This vulnerability is tracked as CVE-2025-12861. The attack is possible to be carried out remotely. Moreover, an exploit is present.VulDB Recent EntriesRead More