DedeBIZ
cpe:2.3:a:dedebiz:dedebiz:*:*:*:*:*:*:*
- >= 6.3.0, <= 6.3.2
A SQL injection vulnerability has been identified in DedeBIZ CMS versions prior to 6.3.2. The issue arises in the admin/spec_add.php file, where the flags[] parameter is manipulated and directly inserted into SQL statements without proper security filtering. This vulnerability can be exploited remotely, and a public exploit is available.
Exploitation of this vulnerability allows for SQL injection, where an attacker can interfere with the application's database queries. This could lead to unauthorized data access, data manipulation, or in some cases, executing administrative operations on the database.
To reproduce this vulnerability, access the admin/spec_add.php page and log in with the necessary credentials. Once on the page, submit a request with a crafted flags[] parameter that includes SQL injection payloads. The SQL injection will be triggered when the application processes the request and executes the SQL command with the injected payloads.
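The fix pattern for this class of bug, shown as an added example and not DedeBIZ's own code: each element of the flags[] array is checked against an allow-list, and the result reaches the database only as a bound parameter. The table `spec_demo`, the function names and the flag codes are assumptions made for illustration, and PDO with in-memory SQLite (PHP 8) stands in for the CMS's database layer.

```php
<?php
declare(strict_types=1);
// Constructed allow-list; a real handler would use the flag codes the site defines.
const ALLOWED_FLAGS = ['h', 'c', 'f', 'a', 's', 'b', 'p', 'j'];

/** Return a comma-joined flag string, or throw if any element is not an allowed code. */
function normalizeFlags(mixed $raw): string
{
    if ($raw === null) {
        return '';                      // no flag submitted
    }
    if (!is_array($raw)) {
        throw new InvalidArgumentException('flags must be an array');
    }
    $clean = [];
    foreach ($raw as $flag) {
        // Nested arrays and non-string values are rejected, never cast.
        if (!is_string($flag) || !in_array($flag, ALLOWED_FLAGS, true)) {
            throw new InvalidArgumentException('unknown flag value');
        }
        $clean[$flag] = true;           // de-duplicate
    }
    return implode(',', array_keys($clean));
}

/** Insert a row with every request-derived value bound as a parameter. */
function addSpec(PDO $db, string $title, mixed $rawFlags): int
{
    $stmt = $db->prepare('INSERT INTO spec_demo (title, flag) VALUES (:title, :flag)');
    $stmt->execute([':title' => $title, ':flag' => normalizeFlags($rawFlags)]);
    return (int) $db->lastInsertId();
}

// Demo against an in-memory SQLite database (hypothetical schema).
$db = new PDO('sqlite::memory:');
$db->exec('CREATE TABLE spec_demo (id INTEGER PRIMARY KEY, title TEXT, flag TEXT)');

// Constructed inputs standing in for $_POST['flags'].
$samples = [['h', 'c', 'h'], null, ["h'x"], [['h']], 'h'];
foreach ($samples as $sample) {
    try {
        $id = addSpec($db, 'demo', $sample);
        $q = $db->prepare('SELECT flag FROM spec_demo WHERE id = ?');
        $q->execute([$id]);
        printf("stored row %d with flag '%s'\n", $id, $q->fetchColumn());
    } catch (InvalidArgumentException $e) {
        printf("rejected: %s\n", $e->getMessage());
    }
}
```

The first two samples are stored (as `h,c` and an empty string); the value containing a quote, the nested array and the bare string are rejected before any statement runs.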