Vulnerabilities > Crmeb > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-06-14 | CVE-2023-3234 | Unspecified vulnerability in Crmeb A vulnerability was found in Zhong Bang CRMEB up to 4.6.0. | 9.8 |
| 2023-06-14 | CVE-2023-3232 | Unspecified vulnerability in Crmeb A vulnerability was found in Zhong Bang CRMEB up to 4.6.0 and classified as critical. | 9.8 |
| 2023-05-08 | CVE-2023-30185 | Unrestricted Upload of File with Dangerous Type vulnerability in Crmeb CRMEB v4.4 to v4.6 was discovered to contain an arbitrary file upload vulnerability via the component \attachment\SystemAttachmentServices.php. | 9.8 |
| 2023-03-23 | CVE-2023-1608 | SQL Injection vulnerability in Crmeb Java 1.3.4 A vulnerability was found in Zhong Bang CRMEB Java up to 1.3.4. | 9.8 |
| 2021-06-24 | CVE-2020-21787 | Unrestricted Upload of File with Dangerous Type vulnerability in Crmeb 3.1.0+ CRMEB 3.1.0+ is vulnerable to File Upload Getshell via /crmeb/crmeb/services/UploadService.php. | 9.8 |
| 2020-10-23 | CVE-2020-25466 | Server-Side Request Forgery (SSRF) vulnerability in Crmeb 3.0 A SSRF vulnerability exists in the downloadimage interface of CRMEB 3.0, which can remotely download arbitrary files on the server and remotely execute arbitrary code. | 9.8 |