Soumettre #800684: crmeb crmeb_java 1.3.4 Unrestricted Uploadinformation

Titrecrmeb crmeb_java 1.3.4 Unrestricted Upload
DescriptionCRMEB Java contains an arbitrary file write vulnerability in the admin upload functionality. The model parameter from the upload request is used to construct the final filesystem path without whitelist validation, path normalization.
La source⚠️ https://fx4tqqfvdw4.feishu.cn/docx/EgMOdHyq6oyxhux5vpJcr5cgnAf?from=from_copylink
Utilisateur
 xcxr (UID 86629)
Soumission09/04/2026 03:40 (il y a 2 mois)
Modérer02/05/2026 10:22 (23 days later)
StatutAccepté
Entrée VulDB360826 [crmeb_java jusqu’à 1.3.4 Admin Upload UploadServiceImpl.java model élévation de privilèges]
Points17

PrécédentAperçuSuivant

Want to stay up to date on a daily basis?

Enable the mail alert feature now!