20 matches found
Exploit for SQL Injection in Crmeb
CVE-2024-36837 / CNVD-2024-30128 POC write URL in url.txt and...
crmeb 安全漏洞
Zhongbang CRMEB is an open source e-commerce management system from Zhongbang Networks Zhongbang in Xi'an, China. A security vulnerability exists in crmebjava v1.3.4, which was discovered via the mergeList method of the com.zbkj.front.pub.ImageMergeController class to contain a server-side reques...
Zhongbang CRMEB 安全漏洞
Zhongbang CRMEB is an open source e-commerce management system from Zhongbang in Xi'an, China. A security vulnerability exists in CRMEB Java e-commerce system version v.1.3.4. An attacker can exploit this vulnerability to execute arbitrary code via the groupid parameter...
crmeb_java 安全漏洞
Zhongbang CRMEB is an open source e-commerce management system from Zhongbang Networks Zhongbang in Xi'an, China. A security vulnerability exists in versions prior to crmebjava v1.3.4, which stems from the presence of a SQL injection vulnerability that allows an attacker to run arbitrary SQL...
CRMEB Security Vulnerabilities
Zhongbang CRMEB is an open source e-commerce management system from Zhongbang Networks Zhongbang in Xi'an, China. A security vulnerability exists in CRMEB crmebjava v.1.3.4 and earlier versions. A remote attacker can exploit this vulnerability to obtain sensitive information via the latitude and...
Zhongbang CRMEB 代码问题漏洞
Zhongbang CRMEB is an open source e-commerce management system from Zhongbang Networks Zhongbang in Xi'an, China. A code issue vulnerability exists in Zhongbang CRMEB versions prior to 4.6.0. An attacker could exploit this vulnerability to conduct server-side request forgery attacks...
Zhongbang CRMEB 代码问题漏洞
Zhongbang CRMEB is an open source e-commerce management system from Zhongbang Networks Zhongbang in Xi'an, China. A code issue vulnerability exists in Zhongbang CRMEB versions prior to 4.6.0. An attacker could exploit this vulnerability to cause data deserialization...
Zhongbang CRMEB 代码问题漏洞
Zhongbang CRMEB is an open source e-commerce management system from Zhongbang Networks Zhongbang in Xi'an, China. A code issue vulnerability exists in Zhongbang CRMEB versions prior to 4.6.0. An attacker could exploit this vulnerability to cause data deserialization...
Zhongbang CRMEB 代码问题漏洞
Zhongbang CRMEB is an open source e-commerce management system from Xi'an Zhongbang Networks Zhongbang Company in China. CRMEB v4.4 to v4.6 there is a security vulnerability , the vulnerability stems from the component attachmentSystemAttachmentServices.php found to contain arbitrary file upload...
Zhongbang CRMEB 代码问题漏洞
Zhongbang CRMEB is an open source e-commerce management system from Zhongbang Networks Zhongbang in Xi'an, China. A code issue vulnerability exists in Zhongbang CRMEB version 4.6.0, which stems from an incorrect operation of the parameter filename resulting in unrestricted file uploads...
Zhongbang CRMEB 跨站脚本漏洞
Zhongbang CRMEB is an open source e-commerce management system from Zhongbang Networks Zhongbang in Xi'an, China. A security vulnerability exists in CRMEB Java version 1.3.4, which originates from a security issue in the function save in the file /api/admin/store/product/save, resulting in...
Zhongbang CRMEB SQL注入漏洞
Zhongbang CRMEB is an open source e-commerce management system from Zhongbang in Xi'an, China. A security vulnerability exists in CRMEB version 1.3.4 and earlier versions, which originated from an SQL injection attack via /api/admin/user/list...
Zhongbang CRMEB SQL注入漏洞
Zhongbang CRMEB is an open source e-commerce management system from Zhongbang Networks Zhongbang in Xi'an, China. Zhong Bang CRMEB Java version 1.3.4 suffers from a SQL injection vulnerability, which stems from the operation of the parameter keywords can lead to sql injection...
Zhongbang CRMEB 安全漏洞
Zhongbang CRMEB is an open source e-commerce management system from Zhongbang Xi'an, China. A security vulnerability exists in CRMEB version 4.4.4, which is caused by an arbitrary file download...
Zhongbang CRMEB SQL Injection Vulnerability
Zhongbang CRMEB is an open source e-commerce management system of China Xi'an Zhongbang Network Zhongbang Company. Zhongbang CRMEB Mall System There is a SQL injection vulnerability in Zhongbang CRMEB Mall System V2.60 and V3.1 via the SQL injection vulnerability in the tablename parameter in...
Zhongbang CRMEB SQL注入漏洞
Zhongbang CRMEB is an open source e-commerce management system of China Xi'an Zhongbang Network Zhongbang Company. Zhongbang CRMEB Mall System There is a SQL injection vulnerability in Zhongbang CRMEB Mall System V2.60 and V3.1 via the SQL injection vulnerability in the tablename parameter in...
crmeb server-side request forgery vulnerability
Zhongbang CRMEB is an open source e-commerce management system from Zhongbang Networks Zhongbang in Xi'an, China. A security vulnerability exists in CRMEB 3.1.0+, which stems from the strict domain name filtering in CRMEB 3.1.0+ leading to SSRF Server Side Request Forgery. No detailed vulnerabili...
Zhongbang CRMEB 代码问题漏洞
Zhongbang CRMEB is an open source e-commerce management system from Zhongbang Networks Zhongbang in Xi'an, China. A security vulnerability exists in CRMEB 3.1.0+, which causes a file upload vulnerability via the CRMEB service upload service...
Zhongbang CRMEB 代码问题漏洞
Zhongbang CRMEB is an open source e-commerce management system from Zhongbang Networks Zhongbang in Xi'an, China. A security vulnerability exists in CRMEB 3.1.0+, which stems from the strict domain name filtering in CRMEB 3.1.0+ leading to SSRF Server Side Request Forgery. No detailed vulnerabili...
Zhongbang CRMEB server-side request forgery vulnerability
Zhongbang CRMEB is an open source e-commerce management system from Zhongbang Networks Zhongbang in Xi'an, China. CRMEB version 3.0 has a server-side request forgery vulnerability , the vulnerability stems from the downloadimage interface SSRF vulnerability , you can remotely download any file on...