| عنوان | Zhongbang CRMEB v5.6.3 Missing Authorization |
|---|
| الوصف | All cron job related endpoints lack authentication and authorization controls. Any attacker can invoke these cron job endpoints without authentication, leading to malicious order cancellation, forced delivery confirmation, distribution system disruption, and other serious impacts. |
|---|
| المصدر | ⚠️ https://github.com/foeCat/CVE/blob/main/CRMEB/crontab_unauthorized_access.md |
|---|
| المستخدم | Ho Cherry (UID 94105) |
|---|
| ارسال | 12/01/2026 05:47 PM (3 أشهر منذ) |
|---|
| الاعتدال | 01/02/2026 08:35 AM (20 days later) |
|---|
| الحالة | تمت الموافقة |
|---|
| إدخال VulDB | 343633 [Zhong Bang CRMEB حتى 5.6.3 crontab Endpoint CrontabController.php تجاوز الصلاحيات] |
|---|
| النقاط | 17 |
|---|