CVE-2025-14648 | DedeBIZ up to 6.5.9 catalog_add.php command injection

A vulnerability, which was classified as critical, was found in DedeBIZ up to 6.5.9. Affected by this vulnerability is an unknown functionality of the file /src/admin/catalog_add.php. Such manipulation leads to command injection.

This vulnerability is referenced as CVE-2025-14648. It is possible to launch the attack remotely. Furthermore, an exploit is available.VulDB Recent EntriesRead More