Crmeb Java@1.3.4 Security Vulnerabilities and Issues — Crmeb Java@1.3.4 CVE List

Lucene search

CrmebCrmeb Java1.3.4

3 matches found

CVE•added 2024/02/23 11:15 p.m.•4487 views

CVE-2024-25469

SQL Injection vulnerability in CRMEB crmeb_java v.1.3.4 and before allows a remote attacker to obtain sensitive information via the latitude and longitude parameters in the api/front/store/list component.

7.5CVSS7.4AI score0.00045EPSS

CVE•added 2024/03/28 11:15 p.m.•55 views

CVE-2024-28714

SQL Injection vulnerability in CRMEB_Java e-commerce system v.1.3.4 allows an attacker to execute arbitrary code via the groupid parameter.

8.1CVSS8.7AI score0.00163EPSS

CVE•added 2024/05/06 8:15 p.m.•39 views

CVE-2024-33117

crmeb_java v1.3.4 was discovered to contain a Server-Side Request Forgery (SSRF) via the mergeList method in class com.zbkj.front.pub.ImageMergeController.

5.3CVSS7.3AI score0.00103EPSS