Zhongbang CRMEB server-side request forgery vulnerability

Zhongbang CRMEB is an open source e-commerce management system from Zhongbang Networks Zhongbang in Xi'an, China. CRMEB version 3.0 has a server-side request forgery vulnerability , the vulnerability stems from the downloadimage interface SSRF vulnerability , you can remotely download any file on...

Server side request forgery (ssrf)

A SSRF vulnerability exists in the downloadimage interface of CRMEB 3.0, which can remotely download arbitrary files on the server and remotely execute arbitrary code...