CVE-2023-3233 Zhong Bang CRMEB PublicController.php get_image_base64 server-side request forgery

🗓️ 14 Jun 2023 06:31:03Reported by VulDBType

CVE-2023-3233 Zhong Bang CRMEB PublicController.php get_image_base64 SSR

Reporter	Title	Published	Views	Family All 8
CNNVD	Zhongbang CRMEB 代码问题漏洞	14 Jun 202300:00	–	cnnvd
CVE	CVE-2023-3233	14 Jun 202306:31	–	cve
EUVD	EUVD-2023-43909	3 Oct 202520:07	–	euvd
NVD	CVE-2023-3233	14 Jun 202307:15	–	nvd
Prion	Server side request forgery (ssrf)	14 Jun 202307:15	–	prion
Positive Technologies	PT-2023-23732 · Zhong Bang · Zhong Bang Crmeb	14 Jun 202300:00	–	ptsecurity
RedhatCVE	CVE-2023-3233	23 May 202501:59	–	redhatcve
Vulnrichment	CVE-2023-3233 Zhong Bang CRMEB PublicController.php get_image_base64 server-side request forgery	14 Jun 202306:31	–	vulnrichment

[
  {
    "vendor": "Zhong Bang",
    "product": "CRMEB",
    "versions": [
      {
        "version": "4.0",
        "status": "affected"
      },
      {
        "version": "4.1",
        "status": "affected"
      },
      {
        "version": "4.2",
        "status": "affected"
      },
      {
        "version": "4.3",
        "status": "affected"
      },
      {
        "version": "4.4",
        "status": "affected"
      },
      {
        "version": "4.5",
        "status": "affected"
      },
      {
        "version": "4.6",
        "status": "affected"
      }
    ]
  }
]

Source	Link
vuldb	www.vuldb.com/
github	www.github.com/HuBenLab/HuBenVulList/blob/main/CRMEB%20is%20vulnerable%20to%20Server-side%20request%20forgery%20(SSRF).md
vuldb	www.vuldb.com/

13 Feb 2024 07:37Current

8.9High risk

Vulners AI Score8.9

CVSS 3.16.3

CVSS 36.3

CVSS 26.5

EPSS0.00077

CWE-918

vulnerability critical zhong bang crmeb get_image_base64 server-side request forgery remote attack vdb-231504 disclosure early contact.