CVE-2025-6335 | DedeCMS up to 5.7.2 Template dedetag.class.php notes command injection

June 19, 2025 Yanac

A vulnerability was found in DedeCMS up to 5.7.2 and classified as critical. This issue affects some unknown processing of the file /include/dedetag.class.php of the component Template Handler. The manipulation of the argument notes leads to command injection.

The identification of this vulnerability is CVE-2025-6335. The attack may be initiated remotely. Furthermore, there is an exploit available.VulDB Recent EntriesRead More