Title | Xi'an Zhongbang Network Technology Co. CRMEB open source mall system <=5.4.0 Arbitrary file reading |
---|
Description | A vulnerability classified as critical has been discovered in the CRMEB open source mall system. This affects the get_image_base64 section of the file PublicController.php. Manipulation of the image/code parameter results in arbitrary file reads. |
---|
Source | ⚠️ https://gist.github.com/J1rrY-learn/93a0cf71894570f4eb39344161beb44c |
---|
User | J1rrY (UID 64327) |
---|
Submission | 07/13/2024 10:17 PM (7 months ago) |
---|
Moderation | 07/20/2024 11:59 AM (7 days later) |
---|
Status | Accepted |
---|
VulDB Entry | 272066 [ZhongBangKeJi CRMEB up to 5.4.0 PublicController.php get_image_base64 file deserialization] |
---|
Points | 17 |
---|