3 matches found
CVE-2026-1733 Zhong Bang CRMEB :uni tidyOrder improper authorization
A vulnerability was identified in Zhong Bang CRMEB up to 5.6.3. This affects the function detail/tidyOrder of the file /api/storeintegral/order/detail/:uni. The manipulation of the argument orderid leads to improper authorization. The attack can be initiated remotely. The exploit is publicly...
CVE-2026-1733 Zhong Bang CRMEB :uni tidyOrder improper authorization
A vulnerability was identified in Zhong Bang CRMEB up to 5.6.3. This affects the function detail/tidyOrder of the file /api/storeintegral/order/detail/:uni. The manipulation of the argument orderid leads to improper authorization. The attack can be initiated remotely. The exploit is publicly...
PT-2026-5585
Name of the Vulnerable Software and Affected Versions Zhong Bang CRMEB versions prior to 5.6.4 Description A security issue exists in Zhong Bang CRMEB. Improper authorization can occur due to manipulation of the order id argument within the detail/tidyOrder function located in the /api/store...