Vulnerabilities > Crmeb > Crmeb Java

DATE CVE VULNERABILITY TITLE RISK
2023-03-23 CVE-2023-1608 SQL Injection vulnerability in Crmeb Java 1.3.4
A vulnerability was found in Zhong Bang CRMEB Java up to 1.3.4.
network
low complexity
crmeb CWE-89
critical
 9.8
9.8
2023-03-23 CVE-2023-1609 Cross-site Scripting vulnerability in Crmeb Java 1.3.4
A vulnerability was found in Zhong Bang CRMEB Java up to 1.3.4.
network
low complexity
crmeb CWE-79
5.4
5.4
2023-03-07 CVE-2023-25223 SQL Injection vulnerability in Crmeb Java 1.3.4
CRMEB <=1.3.4 is vulnerable to SQL Injection via /api/admin/user/list.
network
low complexity
crmeb CWE-89
7.2
7.2