2 matches found
PT-2024-37982 · Zhongbangkeji · Crmeb
Name of the Vulnerable Software and Affected Versions: ZhongBangKeJi CRMEB versions up to 5.4.0 Description: A critical issue has been found, affecting the function downloadImage of the file app/services/product/product/CopyTaobaoServices.php. This issue leads to deserialization and can be...
CVE-2020-21788
In CRMEB 3.1.0+ strict domain name filtering leads to SSRFServer-Side Request Forgery. The vulnerable code is in file /crmeb/app/admin/controller/store/CopyTaobao.php...