Enviar #710164: DedeBIZ 6.5.9 Code Injectioninformación

TítuloDedeBIZ 6.5.9 Code Injection
DescripciónSome backend modules of DedeBIZ (DedeCMS Commercial Edition) fail to perform security validation on file content when processing user input, allowing attackers with backend privileges to directly write arbitrary PHP code into server files. Attackers can use this feature to write files containing malicious PHP code, and then access those files to trigger code execution, thereby achieving remote code execution (RCE).
Fuente⚠️ https://github.com/HOrange147/CVE/blob/main/DedeBIZ%E4%BB%A3%E7%A0%81%E6%89%A7%E8%A1%8C.pdf
Usuario
 formanagain (UID 93347)
Sumisión2025-12-09 11:01 (hace 4 meses)
Moderación2025-12-13 10:09 (4 days later)
EstadoAceptado
Entrada de VulDB336381 [DedeBIZ hasta 6.5.9 catalog_add.php escalada de privilegios]
Puntos19

AnteriorVisión De ConjuntoPróximo

Want to stay up to date on a daily basis?

Enable the mail alert feature now!