Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
crmeb crmeb 1.3.4 vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2023-1608
A vulnerability was found in Zhong Bang CRMEB Java up to 1.3.4. It has been declared as critical. This vulnerability affects the function getAdminList of the file /api/admin/store/product/list. The manipulation of the argument cateId leads to sql injection. The attack can be init...
Crmeb Crmeb Java
7.2
CVSSv3
CVE-2023-25223
CRMEB <=1.3.4 is vulnerable to SQL Injection via /api/admin/user/list.
Crmeb Crmeb Java
7.2
CVSSv3
CVE-2023-1165
A vulnerability was found in Zhong Bang CRMEB Java 1.3.4. It has been classified as critical. This affects an unknown part of the file /api/admin/system/store/order/list. The manipulation of the argument keywords leads to sql injection. The exploit has been disclosed to the publi...
Crmeb Crmeb 1.3.4
5.4
CVSSv3
CVE-2023-1609
A vulnerability was found in Zhong Bang CRMEB Java up to 1.3.4. It has been rated as problematic. This issue affects the function save of the file /api/admin/store/product/save. The manipulation leads to cross site scripting. The attack may be initiated remotely. The exploit has ...
Crmeb Crmeb Java
NA
CVE-2024-25469
SQL Injection vulnerability in CRMEB crmeb_java v.1.3.4 and before allows a remote malicious user to obtain sensitive information via the latitude and longitude parameters in the api/front/store/list component.
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started