A vulnerability was found in ZhongBangKeJi CRMEB up to 5.4.0 and classified as critical. Affected by this issue is the function get_image_base64 of the file PublicController.php. The manipulation of the argument file leads to deserialization. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-272066 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
History

Fri, 20 Sep 2024 23:15:00 +0000

Type Values Removed Values Added
First Time appeared Zhongbangkeji
Zhongbangkeji crmeb
CPEs cpe:2.3:a:zhongbangkeji:crmeb:*:*:*:*:*:*:*:*
Vendors & Products Zhongbangkeji
Zhongbangkeji crmeb

cve-icon MITRE

Status: PUBLISHED

Assigner: VulDB

Published: 2024-07-21T07:31:04.139Z

Updated: 2024-08-01T21:45:38.367Z

Reserved: 2024-07-20T09:59:27.747Z

Link: CVE-2024-6944

cve-icon Vulnrichment

Updated: 2024-08-01T21:45:38.367Z

cve-icon NVD

Status : Modified

Published: 2024-07-21T08:15:06.687

Modified: 2024-11-21T09:50:36.410

Link: CVE-2024-6944

cve-icon Redhat

No data.