Lucene search
K

4 matches found

Positive Technologies
Positive Technologies
added 2026/01/12 12:0 a.m.4 views

PT-2026-2300

Name of the Vulnerable Software and Affected Versions xmall version 1.1 Description An issue exists in xmall version 1.1 related to access control. Specifically, the /member/orderList API endpoint allows unauthorized access to other users' order details. This is achieved by manipulating the userI...

8.2CVSS6.6AI score0.00206EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2025/05/23 2:58 a.m.4 views

CVE-2023-1165

A vulnerability was found in Zhong Bang CRMEB Java 1.3.4. It has been classified as critical. This affects an unknown part of the file /api/admin/system/store/order/list. The manipulation of the argument keywords leads to sql injection. The exploit has been disclosed to the public and may be used...

7.2CVSS7.6AI score0.00763EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2023/03/03 12:0 a.m.3 views

PT-2023-16793 · Zhong Bang · Zhong Bang Crmeb Java

Name of the Vulnerable Software and Affected Versions: Zhong Bang CRMEB Java version 1.3.4 Description: A critical issue has been found, affecting the /api/admin/system/store/order/list endpoint. The manipulation of the keywords argument leads to SQL injection. The exploit has been disclosed to t...

7.2CVSS6.3AI score0.00763EPSS
Exploits1References6
CNVD
CNVD
added 2015/03/05 12:0 a.m.1 views

SQL Injection Vulnerability in Hotel Online Direct Marketing Platform of Guangzhou Askway Information Technology Co.

Ltd. is a set of hotel online direct marketing technology and operation service system, focusing on building their own online direct marketing platform and system for hotels, providing consulting, advisory, training and other services to help hotels to improve the operation and revenue capacity...

7.7AI score
Exploits0References1
Rows per page
Query Builder