71 matches found
CVE-2026-1733
A vulnerability was identified in Zhong Bang CRMEB up to 5.6.3. This affects the function detail/tidyOrder of the file /api/storeintegral/order/detail/:uni. The manipulation of the argument orderid leads to improper authorization. The attack can be initiated remotely. The exploit is publicly...
CVE-2026-1734
A security flaw has been discovered in Zhong Bang CRMEB up to 5.6.3. This vulnerability affects unknown code of the file crmeb/app/api/controller/v1/CrontabController.php of the component crontab Endpoint. The manipulation results in missing authorization. The attack can be launched remotely. The...
CVE-2026-1734 Zhong Bang CRMEB crontab Endpoint CrontabController.php authorization
A security flaw has been discovered in Zhong Bang CRMEB up to 5.6.3. This vulnerability affects unknown code of the file crmeb/app/api/controller/v1/CrontabController.php of the component crontab Endpoint. The manipulation results in missing authorization. The attack can be launched remotely. The...
CVE-2026-1734 Zhong Bang CRMEB crontab Endpoint CrontabController.php authorization
A security flaw has been discovered in Zhong Bang CRMEB up to 5.6.3. This vulnerability affects unknown code of the file crmeb/app/api/controller/v1/CrontabController.php of the component crontab Endpoint. The manipulation results in missing authorization. The attack can be launched remotely. The...
CVE-2026-1734
CVE-2026-1734 affects Zhong Bang CRMEB up to 5.6.3, specifically the crontab Endpoint’s CrontabController.php. The root cause is missing authorization in the crontab endpoint, enabling remote exploitation. Public PoC/exploit information appears in the entry and related sources, indicating real-wo...
CVE-2026-1733
A vulnerability was identified in Zhong Bang CRMEB up to 5.6.3. This affects the function detail/tidyOrder of the file /api/storeintegral/order/detail/:uni. The manipulation of the argument orderid leads to improper authorization. The attack can be initiated remotely. The exploit is publicly...
CVE-2026-1733 Zhong Bang CRMEB :uni tidyOrder improper authorization
A vulnerability was identified in Zhong Bang CRMEB up to 5.6.3. This affects the function detail/tidyOrder of the file /api/storeintegral/order/detail/:uni. The manipulation of the argument orderid leads to improper authorization. The attack can be initiated remotely. The exploit is publicly...
CVE-2026-1733 Zhong Bang CRMEB :uni tidyOrder improper authorization
A vulnerability was identified in Zhong Bang CRMEB up to 5.6.3. This affects the function detail/tidyOrder of the file /api/storeintegral/order/detail/:uni. The manipulation of the argument orderid leads to improper authorization. The attack can be initiated remotely. The exploit is publicly...
CVE-2026-1733 Zhong Bang CRMEB :uni tidyOrder improper authorization
A vulnerability was identified in Zhong Bang CRMEB up to 5.6.3. This affects the function detail/tidyOrder of the file /api/storeintegral/order/detail/:uni. The manipulation of the argument orderid leads to improper authorization. The attack can be initiated remotely. The exploit is publicly...
PT-2026-5585
Name of the Vulnerable Software and Affected Versions Zhong Bang CRMEB versions prior to 5.6.4 Description A security issue exists in Zhong Bang CRMEB. Improper authorization can occur due to manipulation of the order id argument within the detail/tidyOrder function located in the /api/store...
PT-2026-5586
A security flaw has been discovered in Zhong Bang CRMEB up to 5.6.3. This vulnerability affects unknown code of the file crmeb/app/api/controller/v1/CrontabController.php of the component crontab Endpoint. The manipulation results in missing authorization. The attack can be launched remotely. The...
EUVD-2020-14166
Malware in sbrugna...
EUVD-2023-33909
Malicious code in bioql PyPI...
EUVD-2023-43908
Malicious code in bioql PyPI...
EUVD-2023-23841
Malicious code in bioql PyPI...
EUVD-2023-43909
Malicious code in bioql PyPI...
EUVD-2023-43910
Malicious code in bioql PyPI...
EUVD-2023-23447
Malicious code in bioql PyPI...
EUVD-2023-23840
Malicious code in bioql PyPI...
CVE-2023-3234
A vulnerability was found in Zhong Bang CRMEB up to 4.6.0. It has been declared as problematic. Affected by this vulnerability is the function putimage of the file api/controller/v1/PublicController.php. The manipulation leads to deserialization. The attack can be launched remotely. The exploit h...