Show filters
2 Total Results
Displaying 1-2 of 2
Sort by:
Attacker Value
Unknown
CVE-2020-21787
Disclosure Date: June 24, 2021 (last updated February 22, 2025)
CRMEB 3.1.0+ is vulnerable to File Upload Getshell via /crmeb/crmeb/services/UploadService.php.
0
Attacker Value
Unknown
CVE-2020-21788
Disclosure Date: June 24, 2021 (last updated February 22, 2025)
In CRMEB 3.1.0+ strict domain name filtering leads to SSRF(Server-Side Request Forgery). The vulnerable code is in file /crmeb/app/admin/controller/store/CopyTaobao.php.
0
