24 matches found
CVE-2025-15443 CRMEB product_export sql injection
A vulnerability was identified in CRMEB up to 5.6.1. This issue affects some unknown processing of the file /adminapi/product/productexport. Such manipulation of the argument cateid leads to sql injection. The attack may be launched remotely. The exploit is publicly available and might be used. T...
PT-2026-1188
Name of the Vulnerable Software and Affected Versions: CRMEB versions up to 5.6.1 Description: A flaw exists in CRMEB that could allow for remote code execution. The issue stems from a SQL injection vulnerability within the /adminapi/export/product list file. Specifically, manipulating the cate id...
CVE-2025-11288
A security flaw has been discovered in CRMEB up to 5.6. This issue affects some unknown processing of the file /adminapi/product/product of the component GET Parameter Handler. Performing a manipulation of the argument cateid results in sql injection. Remote exploitation of the attack is possible...
EUVD-2006-3972
Malware in sbrugna...
CVE-2025-11288 CRMEB GET Parameter product sql injection
A security flaw has been discovered in CRMEB up to 5.6. This issue affects some unknown processing of the file /adminapi/product/product of the component GET Parameter Handler. Performing a manipulation of the argument cateid results in sql injection. Remote exploitation of the attack is possible...
The vulnerability of the AdminAPI component of the software integration panel for IBM App Connect Enterprise, related to an error in exception handling, allows a malicious actor to cause a service failure.
The vulnerability of the AdminAPI component of the software integration panel for IBM App Connect Enterprise is related to an error in exception handling. Exploiting this vulnerability could allow a malicious actor to cause service failures...
Security Bulletin: IBM App Connect Enterprise AdminAPI is vulnerable to a denial of service (CVE-2024-31904)
Summary: IBM App Connect Enterprise AdminAPI is vulnerable to a denial of service. This bulletin identifies the steps to take to address the vulnerability. Vulnerability Details: CVEID: CVE-2024-31904 DESCRIPTION: IBM App Connect Enterprise integration nodes could allow an authenticated user to caus...
CVE-2024-20767 - Adobe Coldfusion Arbitrary File Read
This module exploits an Improper Access Vulnerability in Adobe Coldfusion versions prior to version '2023 Update 6' and '2021 Update 12'. The vulnerability allows unauthenticated attackers to request an authentication token in the form of a UUID from the /CFIDE/adminapi/servermanager/servermanager.c...
IBM Integration Bus Resource Management Error Vulnerability
IBM Integration Bus (IBM WebSphere Message Broker) is an enterprise service bus (ESB) product from International Business Machines (IBM). The product provides connectivity and common data transformation for Service Oriented Architecture (SOA) environments and non-SOA environments. A resource management...
Path traversal
A vulnerability was found in ZhongBangKeJi CRMEB 5.2.2. It has been declared as critical. This vulnerability affects the function save/delete of the file /adminapi/system/crud. The manipulation leads to path traversal. The exploit has been disclosed to the public and may be used. The identifier o...
CVE-2024-1703
A vulnerability was found in ZhongBangKeJi CRMEB 5.2.2. It has been classified as problematic. This affects the function openfile of the file /adminapi/system/file/openfile. The manipulation leads to absolute path traversal. The exploit has been disclosed to the public and may be used. The...
CRMEB Path Traversal Vulnerability
Zhongbang CRMEB is an open source e-commerce management system from Xi'an Zhongbang Networks (Zhongbang). CRMEB version 5.2.2 has a path traversal vulnerability, which stems from the save/delete function of the file /adminapi/system/crud...
PT-2024-18236 · Zhongbangkeji · Crmeb
Name of the Vulnerable Software and Affected Versions: ZhongBangKeJi CRMEB version 5.2.2 Description: A problematic issue has been found in the software, affecting the openfile function of the file "/adminapi/system/file/openfile". This issue leads to absolute path traversal. The exploit has been...
CVE-2024-22332
The IBM Integration Bus for z/OS 10.1 through 10.1.0.2 AdminAPI is vulnerable to a denial of service due to file system exhaustion. IBM X-Force ID: 279972...
Denial of service
The IBM Integration Bus for z/OS 10.1 through 10.1.0.2 AdminAPI is vulnerable to a denial of service due to file system exhaustion. IBM X-Force ID: 279972...
CVE-2024-22332
The CVE-2024-22332 entry concerns IBM Integration Bus for z/OS AdminAPI. Affected versions are 10.1 through 10.1.0.2, with a denial-of-service risk caused by file system exhaustion. IBM’s Security Bulletin confirms the vulnerability and lists APAR IT45216 as the remediation path, with an Interim ...
Security Bulletin: The IBM Integration Bus for z/OS AdminAPI is vulnerable to a denial of service vulnerability (CVE-2024-22332).
Summary: The IBM Integration Bus for z/OS AdminAPI is vulnerable to a denial of service vulnerability (CVE-2024-22332). This bulletin identifies the steps to take to address the vulnerability. Vulnerability Details: CVEID: CVE-2024-22332 DESCRIPTION: The IBM Integration Bus for z/OS AdminAPI is...
CVE-2020-10574
An issue was discovered in Janus through 0.9.1. janus.c tries to use a string that doesn't actually exist during a "querylogger" Admin API request, because of a typo in the JSON validation...