Invia #374394: Xi'an Zhongbang Network Technology Co. CRMEB open source mall system <=5.4.0 phar Deserialization/RCEinformazioni

TitoloXi'an Zhongbang Network Technology Co. CRMEB open source mall system <=5.4.0 phar Deserialization/RCE
DescrizioneA vulnerability classified as critical has been discovered in the CRMEB open source mall system. This affects the downloadImage section of the file CopyTaobaoServices.php (authentication required). Manipulation of the images parameter causes phar deserialisation to enable arbitrary code execution.
Fonte⚠️ https://gist.github.com/J1rrY-learn/e15a1926a3b5a2b8805a15cb95eff1d7
Utente
 J1rrY (UID 64327)
Sottomissione13/07/2024 19:21 (2 anni fa)
Moderazione20/07/2024 11:59 (7 days later)
StatoAccettato
Voce VulDB272065 [ZhongBangKeJi CRMEB fino a 5.4.0 CopyTaobaoServices.php downloadImage escalationi di privilegi]
Punti17

PrecedenteVisione D'ensembleIl prossimo

Want to know what is going to be exploited?

We predict KEV entries!