Submit #721916: crmeb v5.6.1 SQL Injectioninfo

Titlecrmeb v5.6.1 SQL Injection
DescriptionCRMEB versions prior to v5.6.1 are affected by a SQL injection vulnerability located in the /adminapi/product/product_export endpoint. This flaw allows authenticated attackers with backend access to execute arbitrary SQL queries by manipulating input parameters, potentially leading to data leakage, privilege escalation, or full database compromise.
Source⚠️ https://github.com/En0t5/vul/blob/main/crmeb/crmeb-product-productExport-SQL.md
User
 Tophant (UID 80370)
Submission12/23/2025 11:30 (6 months ago)
Moderation01/03/2026 19:42 (11 days later)
StatusAccepted
VulDB entry339465 [CRMEB up to 5.6.1 product_export cate_id sql injection]
Points19

PreviousOverviewNext

Might our Artificial Intelligence support you?

Check our Alexa App!