DedeBIZ templets_one_edit.php sql injection_CVE-2025-12859

5.1 / 10

MEDIUM

CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P

Description

A vulnerability has been found in DedeBIZ up to 6.3.2. This impacts an unknown function of the file /admin/templets_one_edit.php. The manipulation of the argument ids leads to sql injection. Remote exploitation of the attack is possible. The exploit has been disclosed to the public and may be used.

Basic Information

ID CVE-2025-12859

Source VulDB

Published Nov 7, 2025 at 15:02

Modified Nov 7, 2025 at 20:42

Affected Product

Vendor n/a

Product DedeBIZ

Version 6.3.0

Affected Versions n/a DedeBIZ 6.3.0
n/a DedeBIZ 6.3.1
n/a DedeBIZ 6.3.2

CWE Classification

CWE-89 CWE-74

References

{
    "lastseen": "",
    "description": "A vulnerability has been found in DedeBIZ up to 6.3.2. This impacts an unknown function of the file /admin/templets_one_edit.php. The manipulation of the argument ids leads to sql injection. Remote exploitation of the attack is possible. The exploit has been disclosed to the public and may be used.",
    "published": "2025-11-07T15:02:06.353Z",
    "modified": "2025-11-07T20:42:21.782Z",
    "type": "cve",
    "title": "DedeBIZ templets_one_edit.php sql injection",
    "source": "VulDB",
    "references": "https://vuldb.com/?id.331506\nhttps://vuldb.com/?ctiid.331506\nhttps://vuldb.com/?submit.679106\nhttps://github.com/ZZCTD/zz_test/issues/1",
    "id": "CVE-2025-12859",
    "bulletinFamily": "",
    "cwe": [
        "CWE-89",
        "CWE-74"
    ],
    "cvelist": null,
    "sourceData": "n/a DedeBIZ 6.3.0\nn/a DedeBIZ 6.3.1\nn/a DedeBIZ 6.3.2",
    "sourceHref": "",
    "cvss": {
        "score": 5.1,
        "severity": "MEDIUM",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "DedeBIZ",
    "version": "6.3.0",
    "vendor": "n/a",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}