In CRMEB 3.1.0+ strict domain name filtering leads to SSRF(Server-Side Request Forgery). The vulnerable code is in file /crmeb/app/admin/controller/store/CopyTaobao.php.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
crmeb crmeb 3.1.0\\+ |