Vulnerabilities > Crmeb > Medium

DATE CVE VULNERABILITY TITLE RISK
2023-03-23 CVE-2023-1609 Cross-site Scripting vulnerability in Crmeb Java 1.3.4
A vulnerability was found in Zhong Bang CRMEB Java up to 1.3.4.
network
low complexity
crmeb CWE-79
5.4
5.4
2021-06-29 CVE-2020-21394 SQL Injection vulnerability in Crmeb 2.60/3.1
SQL Injection vulnerability in Zhong Bang Technology Co., Ltd CRMEB mall system V2.60 and V3.1 via the tablename parameter in SystemDatabackup.php.
network
low complexity
crmeb CWE-89
6.5
6.5
2021-06-24 CVE-2020-21788 Server-Side Request Forgery (SSRF) vulnerability in Crmeb 3.1.0+
In CRMEB 3.1.0+ strict domain name filtering leads to SSRF(Server-Side Request Forgery).
network
low complexity
crmeb CWE-918
4.0
4.0