10 matches found
CVE-2024-6944
A vulnerability was found in ZhongBangKeJi CRMEB up to 5.4.0 and classified as critical. Affected by this issue is the function getimagebase64 of the file PublicController.php. The manipulation of the argument file leads to deserialization. The attack may be launched remotely. The exploit has bee...
CVE-2024-6944
A vulnerability was found in ZhongBangKeJi CRMEB up to 5.4.0 and classified as critical. Affected by this issue is the function getimagebase64 of the file PublicController.php. The manipulation of the argument file leads to deserialization. The attack may be launched remotely. The exploit has bee...
CVE-2024-6944 ZhongBangKeJi CRMEB PublicController.php get_image_base64 deserialization
A vulnerability was found in ZhongBangKeJi CRMEB up to 5.4.0 and classified as critical. Affected by this issue is the function getimagebase64 of the file PublicController.php. The manipulation of the argument file leads to deserialization. The attack may be launched remotely. The exploit has bee...
CVE-2024-6944 ZhongBangKeJi CRMEB PublicController.php get_image_base64 deserialization
A vulnerability was found in ZhongBangKeJi CRMEB up to 5.4.0 and classified as critical. Affected by this issue is the function getimagebase64 of the file PublicController.php. The manipulation of the argument file leads to deserialization. The attack may be launched remotely. The exploit has bee...
PT-2024-37983 · Zhongbangkeji · Crmeb
Name of the Vulnerable Software and Affected Versions: ZhongBangKeJi CRMEB versions up to 5.4.0 Description: A critical issue was found in the function get image base64 of the file PublicController.php. The manipulation of the argument file leads to deserialization. This issue can be exploited...
CVE-2023-3234
A vulnerability was found in Zhong Bang CRMEB up to 4.6.0. It has been declared as problematic. Affected by this vulnerability is the function putimage of the file api/controller/v1/PublicController.php. The manipulation leads to deserialization. The attack can be launched remotely. The exploit h...
CVE-2023-3234
A vulnerability was found in Zhong Bang CRMEB up to 4.6.0. It has been declared as problematic. Affected by this vulnerability is the function putimage of the file api/controller/v1/PublicController.php. The manipulation leads to deserialization. The attack can be launched remotely. The exploit h...
CVE-2023-3234 Zhong Bang CRMEB PublicController.php put_image deserialization
A vulnerability was found in Zhong Bang CRMEB up to 4.6.0. It has been declared as problematic. Affected by this vulnerability is the function putimage of the file api/controller/v1/PublicController.php. The manipulation leads to deserialization. The attack can be launched remotely. The exploit h...
CVE-2023-3233 Zhong Bang CRMEB PublicController.php get_image_base64 server-side request forgery
A vulnerability was found in Zhong Bang CRMEB up to 4.6.0. It has been classified as critical. Affected is the function getimagebase64 of the file api/controller/v1/PublicController.php. The manipulation leads to server-side request forgery. It is possible to launch the attack remotely. The explo...
CVE-2023-3233
CVE-2023-3233 affects Zhong Bang CRMEB up to 4.6.0, with the get_image_base64 function in api/controller/v1/PublicController.php susceptible to server-side request forgery. The vulnerability enables remote exploitation (no user interaction) and is documented with public disclosure. Public-environ...