Security Advisory

CVE-2025-12861

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-11-07 16:02:05
Last updated 2026-02-24 06:24:35
Assigner VulDB
State PUBLISHED

Description

A vulnerability was determined in DedeBIZ up to 6.3.2. Affected by this vulnerability is an unknown functionality of the file /admin/spec_add.php. This manipulation of the argument flags[] causes sql injection. The attack is possible to be carried out remotely. The exploit has been publicly disclosed and may be utilized.