| Title | SQL injection vulnerability exists in DedeBIZ V6.2 in /src/admin/tags_main.php |
|---|
| Description | The DedeBIZ system is developed based on PHP7 version, has strong scalability, and is completely open source. DedeBIZ supports design and development using the popular Go language. It is easy to use, flexible and expandable, and is more secure and efficient. Simple template design and production has always been a major feature of the system. It continues the previous tags and uses the responsive template engine Bootstrap as the system template rendering engine, making it easier to build cross-terminal and mobile full-media sites.
[Suggested description]
SQL injection vulnerability exists in DedeBIZ V6.2 in /src/admin/tags_main.php
[Vulnerability Type]
SQL INJECTION
[Vendor of Product]
https://github.com/DedeBIZ/DedeV6
[Affected Product Code Base]
DedeBIZ V6.2
[Affected Component]
File: /src/admin/tags_main.php
Parameter: ids
[Attack Type]
Remote |
|---|
| Source | ⚠️ https://github.com/yhy217/dedebiz--vul/issues/1 |
|---|
| User | jamspilly (UID 54414) |
|---|
| Submission | 09/21/2023 07:10 (3 years ago) |
|---|
| Moderation | 09/29/2023 07:44 (8 days later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 240879 [DedeBIZ 6.2 /src/admin/tags_main.php ids sql injection] |
|---|
| Points | 20 |
|---|