PT-2024-37983 · Zhongbangkeji · Crmeb

Name of the Vulnerable Software and Affected Versions: ZhongBangKeJi CRMEB versions up to 5.4.0 Description: A critical issue was found in the function get image base64 of the file PublicController.php. The manipulation of the argument file leads to deserialization. This issue can be exploited...

PT-2023-23732 · Zhong Bang · Zhong Bang Crmeb

Name of the Vulnerable Software and Affected Versions: Zhong Bang CRMEB versions up to 4.6.0 Description: A critical issue has been found, affecting the get image base64 function of the file api/controller/v1/PublicController.php. This leads to server-side request forgery and can be launched...