CRMEB authorization issue vulnerabilities

CRMEB is an open-source Java e-commerce system developed by CRMEB. Versions of CRMEB 5.6.3 and earlier contained a vulnerability related to authorization issues. This vulnerability stemmed from incorrect handling of the parameter openId in the file crmeb/app/api/controller/v1/LoginController.php,...

EUVD-2017-5656

Malware in sbrugna...

CVE-2024-28265

IBOS v4.5.5 has an arbitrary file deletion vulnerability via \system\modules\dashboard\controllers\LoginController.php...

CVE-2024-28265

IBOS v4.5.5 has an arbitrary file deletion vulnerability via \system\modules\dashboard\controllers\LoginController.php...

CVE-2024-28265

CVE-2024-28265 affects IBOS v4.5.5, which has an arbitrary file deletion vulnerability in the file system/modules/dashboard/controllers/LoginController.php. The CVE entry assigns a CVSS v3.1 base score of 9.1 (CRITICAL) with network attack vector, no authentication, high impact to integrity and a...

CVE-2024-28265

IBOS v4.5.5 has an arbitrary file deletion vulnerability via \system\modules\dashboard\controllers\LoginController.php...

PT-2024-22370 · Ibos · Ibos

Name of the Vulnerable Software and Affected Versions: IBOS version 4.5.5 Description: IBOS version 4.5.5 contains an arbitrary file deletion vulnerability located in the systemmodulesdashboardcontrollersLoginController.php file. Recommendations: Update to a newer version of IBOS to address this...