Lucene search
K

71 matches found

RedhatCVE
RedhatCVE
added 2026/02/03 3:11 a.m.18 views

CVE-2026-1733

A vulnerability was identified in Zhong Bang CRMEB up to 5.6.3. This affects the function detail/tidyOrder of the file /api/storeintegral/order/detail/:uni. The manipulation of the argument orderid leads to improper authorization. The attack can be initiated remotely. The exploit is publicly...

5.3CVSS5.3AI score0.00364EPSS
Exploits1References1
NVD
NVD
added 2026/02/02 12:15 a.m.9 views

CVE-2026-1734

A security flaw has been discovered in Zhong Bang CRMEB up to 5.6.3. This vulnerability affects unknown code of the file crmeb/app/api/controller/v1/CrontabController.php of the component crontab Endpoint. The manipulation results in missing authorization. The attack can be launched remotely. The...

6.9CVSS0.00474EPSS
Exploits1References5
Cvelist
Cvelist
added 2026/02/01 11:32 p.m.32 views

CVE-2026-1734 Zhong Bang CRMEB crontab Endpoint CrontabController.php authorization

A security flaw has been discovered in Zhong Bang CRMEB up to 5.6.3. This vulnerability affects unknown code of the file crmeb/app/api/controller/v1/CrontabController.php of the component crontab Endpoint. The manipulation results in missing authorization. The attack can be launched remotely. The...

6.9CVSS0.00474EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2026/02/01 11:32 p.m.4 views

CVE-2026-1734 Zhong Bang CRMEB crontab Endpoint CrontabController.php authorization

A security flaw has been discovered in Zhong Bang CRMEB up to 5.6.3. This vulnerability affects unknown code of the file crmeb/app/api/controller/v1/CrontabController.php of the component crontab Endpoint. The manipulation results in missing authorization. The attack can be launched remotely. The...

6.9CVSS5.1AI score0.00474EPSS
Exploits1References5
CVE
CVE
added 2026/02/01 11:32 p.m.20 views

CVE-2026-1734

CVE-2026-1734 affects Zhong Bang CRMEB up to 5.6.3, specifically the crontab Endpoint’s CrontabController.php. The root cause is missing authorization in the crontab endpoint, enabling remote exploitation. Public PoC/exploit information appears in the entry and related sources, indicating real-wo...

6.9CVSS5.7AI score0.00474EPSS
Exploits1References5Affected Software1
NVD
NVD
added 2026/02/01 11:15 p.m.12 views

CVE-2026-1733

A vulnerability was identified in Zhong Bang CRMEB up to 5.6.3. This affects the function detail/tidyOrder of the file /api/storeintegral/order/detail/:uni. The manipulation of the argument orderid leads to improper authorization. The attack can be initiated remotely. The exploit is publicly...

5.3CVSS0.00364EPSS
Exploits1References5
Cvelist
Cvelist
added 2026/02/01 11:2 p.m.34 views

CVE-2026-1733 Zhong Bang CRMEB :uni tidyOrder improper authorization

A vulnerability was identified in Zhong Bang CRMEB up to 5.6.3. This affects the function detail/tidyOrder of the file /api/storeintegral/order/detail/:uni. The manipulation of the argument orderid leads to improper authorization. The attack can be initiated remotely. The exploit is publicly...

5.3CVSS0.00364EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2026/02/01 11:2 p.m.5 views

CVE-2026-1733 Zhong Bang CRMEB :uni tidyOrder improper authorization

A vulnerability was identified in Zhong Bang CRMEB up to 5.6.3. This affects the function detail/tidyOrder of the file /api/storeintegral/order/detail/:uni. The manipulation of the argument orderid leads to improper authorization. The attack can be initiated remotely. The exploit is publicly...

5.3CVSS5.2AI score0.00364EPSS
Exploits1References5
OSV
OSV
added 2026/02/01 11:2 p.m.6 views

CVE-2026-1733 Zhong Bang CRMEB :uni tidyOrder improper authorization

A vulnerability was identified in Zhong Bang CRMEB up to 5.6.3. This affects the function detail/tidyOrder of the file /api/storeintegral/order/detail/:uni. The manipulation of the argument orderid leads to improper authorization. The attack can be initiated remotely. The exploit is publicly...

5.3CVSS5.7AI score0.00364EPSS
Exploits1References7
Positive Technologies
Positive Technologies
added 2026/02/01 12:0 a.m.11 views

PT-2026-5585

Name of the Vulnerable Software and Affected Versions Zhong Bang CRMEB versions prior to 5.6.4 Description A security issue exists in Zhong Bang CRMEB. Improper authorization can occur due to manipulation of the order id argument within the detail/tidyOrder function located in the /api/store...

5.3CVSS5AI score0.00364EPSS
Exploits1References8
Positive Technologies
Positive Technologies
added 2026/02/01 12:0 a.m.14 views

PT-2026-5586

A security flaw has been discovered in Zhong Bang CRMEB up to 5.6.3. This vulnerability affects unknown code of the file crmeb/app/api/controller/v1/CrontabController.php of the component crontab Endpoint. The manipulation results in missing authorization. The attack can be launched remotely. The...

6.9CVSS5.6AI score0.00474EPSS
Exploits1References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2020-14166

Malware in sbrugna...

8.8CVSS8.7AI score0.01163EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-33909

Malicious code in bioql PyPI...

7.2CVSS5.2AI score0.00824EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2023-43908

Malicious code in bioql PyPI...

9.8CVSS7AI score0.012EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-23841

Malicious code in bioql PyPI...

5.4CVSS4.8AI score0.00517EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-43909

Malicious code in bioql PyPI...

8.8CVSS6.9AI score0.0082EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2023-43910

Malicious code in bioql PyPI...

9.8CVSS5.3AI score0.01165EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2023-23447

Malicious code in bioql PyPI...

7.2CVSS5.8AI score0.00763EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2023-23840

Malicious code in bioql PyPI...

9.8CVSS7AI score0.0063EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2025/05/23 3:48 a.m.9 views

CVE-2023-3234

A vulnerability was found in Zhong Bang CRMEB up to 4.6.0. It has been declared as problematic. Affected by this vulnerability is the function putimage of the file api/controller/v1/PublicController.php. The manipulation leads to deserialization. The attack can be launched remotely. The exploit h...

9.8CVSS6.8AI score0.01165EPSS
Exploits1References1
Rows per page
Query Builder