| 标题 | Zhongbang CRMEB v5.6.3 Missing Authorization |
|---|
| 描述 | All cron job related endpoints lack authentication and authorization controls. Any attacker can invoke these cron job endpoints without authentication, leading to malicious order cancellation, forced delivery confirmation, distribution system disruption, and other serious impacts. |
|---|
| 来源 | ⚠️ https://github.com/foeCat/CVE/blob/main/CRMEB/crontab_unauthorized_access.md |
|---|
| 用户 | Ho Cherry (UID 94105) |
|---|
| 提交 | 2026-01-12 17時47分 (3 月前) |
|---|
| 管理 | 2026-02-01 08時35分 (20 days later) |
|---|
| 状态 | 已接受 |
|---|
| VulDB条目 | 343633 [Zhong Bang CRMEB 直到 5.6.3 crontab Endpoint CrontabController.php 权限提升] |
|---|
| 积分 | 17 |
|---|