Product
crmeb java
7 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
CVE-2024-33117
CVE-2024-28714
CVE-2024-24110
CVE-2024-25469
CVE-2023-1609
CVE-2023-1608
CVE-2023-25223
all versions
crmeb_java v1.3.4 was discovered to contain a Server-Side Request Forgery (SSRF) via the mergeList method in class com.zbkj.front.
< 1.3.4
SQL Injection vulnerability in CRMEB_Java e-commerce system v.1.3.4 allows an attacker to execute arbitrary code via the groupid p
< 1.3.4
SQL Injection vulnerability in crmeb_java before v1.3.4 allows attackers to run arbitrary SQL commands via crafted GET request to
all versions
SQL Injection vulnerability in CRMEB crmeb_java v.1.3.4 and before allows a remote attacker to obtain sensitive information via th
<= 1.3.4
A vulnerability was found in Zhong Bang CRMEB Java up to 1.3.4. It has been rated as problematic. This issue affects the function
<= 1.3.4
A vulnerability was found in Zhong Bang CRMEB Java up to 1.3.4. It has been declared as critical. This vulnerability affects the f
<= 1.3.4
CRMEB <=1.3.4 is vulnerable to SQL Injection via /api/admin/user/list.