Security Advisory

CVE-2025-15004

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-12-22 00:02:08

Last updated 2026-02-24 06:01:20

Assigner VulDB

State PUBLISHED

Description

A vulnerability was identified in DedeCMS up to 5.7.118. This impacts an unknown function of the file /freelist_main.php. The manipulation of the argument orderby leads to sql injection. It is possible to initiate the attack remotely. The exploit is publicly available and might be used.

← Browse all CVEs View on cve.org ↗