Submeter #374394: Xi'an Zhongbang Network Technology Co. CRMEB open source mall system <=5.4.0 phar Deserialization/RCEinformação

TítuloXi'an Zhongbang Network Technology Co. CRMEB open source mall system <=5.4.0 phar Deserialization/RCE
DescriçãoA vulnerability classified as critical has been discovered in the CRMEB open source mall system. This affects the downloadImage section of the file CopyTaobaoServices.php (authentication required). Manipulation of the images parameter causes phar deserialisation to enable arbitrary code execution.
Fonte⚠️ https://gist.github.com/J1rrY-learn/e15a1926a3b5a2b8805a15cb95eff1d7
Utilizador
 J1rrY (UID 64327)
Submissão13/07/2024 19h21 (há 2 anos)
Moderação20/07/2024 11h59 (7 days later)
EstadoAceite
Entrada VulDB272065 [ZhongBangKeJi CRMEB até 5.4.0 CopyTaobaoServices.php downloadImage Elevação de Privilégios]
Pontos17

VoltarVisão GeralPróximo

Do you want to use VulDB in your project?

Use the official API to access entries easily!