Crmeb Java@* Security Vulnerabilities and Issues — Crmeb Java@* CVE List

Lucene search

CrmebCrmeb Java*

5 matches found

CVE•added 2023/03/23 8:15 p.m.•86 views

CVE-2023-1609

A vulnerability was found in Zhong Bang CRMEB Java up to 1.3.4. It has been rated as problematic. This issue affects the function save of the file /api/admin/store/product/save. The manipulation leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to t...

5.4CVSS4.4AI score0.00064EPSS

CVE•added 2023/03/23 8:15 p.m.•75 views

CVE-2023-1608

A vulnerability was found in Zhong Bang CRMEB Java up to 1.3.4. It has been declared as critical. This vulnerability affects the function getAdminList of the file /api/admin/store/product/list. The manipulation of the argument cateId leads to sql injection. The attack can be initiated remotely. The...

9.8CVSS8.2AI score0.00048EPSS

CVE•added 2023/03/07 5:15 p.m.•68 views

CVE-2023-25223

CRMEB

7.2CVSS7.4AI score0.0024EPSS

CVE•added 2024/03/28 11:15 p.m.•55 views

CVE-2024-28714

SQL Injection vulnerability in CRMEB_Java e-commerce system v.1.3.4 allows an attacker to execute arbitrary code via the groupid parameter.

8.1CVSS8.7AI score0.00163EPSS

CVE•added 2024/03/21 2:52 a.m.•54 views

CVE-2024-24110

SQL Injection vulnerability in crmeb_java before v1.3.4 allows attackers to run arbitrary SQL commands via crafted GET request to the component /api/front/spread/people.

6.5CVSS8.2AI score0.00362EPSS