Vulnerabilities > Crmeb > Crmeb > 4.4.4

DATE CVE VULNERABILITY TITLE RISK
2023-06-14 CVE-2023-3233 Server-Side Request Forgery (SSRF) vulnerability in Crmeb
A vulnerability was found in Zhong Bang CRMEB up to 4.6.0.
network
low complexity
crmeb CWE-918
8.8
8.8
2023-06-14 CVE-2023-3234 Deserialization of Untrusted Data vulnerability in Crmeb
A vulnerability was found in Zhong Bang CRMEB up to 4.6.0.
network
low complexity
crmeb CWE-502
critical
 9.8
9.8
2023-06-14 CVE-2023-3232 Deserialization of Untrusted Data vulnerability in Crmeb
A vulnerability was found in Zhong Bang CRMEB up to 4.6.0 and classified as critical.
network
low complexity
crmeb CWE-502
critical
 9.8
9.8
2023-05-08 CVE-2023-30185 Unrestricted Upload of File with Dangerous Type vulnerability in Crmeb 4.4.2/4.4.4/4.6.0
CRMEB v4.4 to v4.6 was discovered to contain an arbitrary file upload vulnerability via the component \attachment\SystemAttachmentServices.php.
network
low complexity
crmeb CWE-434
critical
 9.8
9.8
2023-02-06 CVE-2022-44343 Files or Directories Accessible to External Parties vulnerability in Crmeb 4.4.4
CRMEB 4.4.4 is vulnerable to Any File download.
network
low complexity
crmeb CWE-552
7.5
7.5