제출 #374394: Xi'an Zhongbang Network Technology Co. CRMEB open source mall system <=5.4.0 phar Deserialization/RCE정보

제목Xi'an Zhongbang Network Technology Co. CRMEB open source mall system <=5.4.0 phar Deserialization/RCE
설명A vulnerability classified as critical has been discovered in the CRMEB open source mall system. This affects the downloadImage section of the file CopyTaobaoServices.php (authentication required). Manipulation of the images parameter causes phar deserialisation to enable arbitrary code execution.
원천⚠️ https://gist.github.com/J1rrY-learn/e15a1926a3b5a2b8805a15cb95eff1d7
사용자
 J1rrY (UID 64327)
제출2024. 07. 13. PM 07:21 (2 연령 ago)
모더레이션2024. 07. 20. AM 11:59 (7 days later)
상태수락
VulDB 항목272065 [ZhongBangKeJi CRMEB 까지 5.4.0 CopyTaobaoServices.php downloadImage 권한 상승]
포인트들17

이전개요다음

Interested in the pricing of exploits?

See the underground prices here!