CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2024-25469

SQL Injection vulnerability in CRMEB crmeb_java v.1.3.4 and before allows a remote attacker to obtain sensitive information via the latitude and longitude parameters in the api/front/store/list component.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 13.8%

CVSS Severity

CVSS v3 Score 7.5

References

https://github.com/crmeb/crmeb_java/
https://github.com/crmeb/crmeb_java/issues/20
https://github.com/crmeb/crmeb_java/
https://github.com/crmeb/crmeb_java/issues/20

Products affected by CVE-2024-25469

Crmeb » Crmeb Java » Version: 1.3.4

cpe:2.3:a:crmeb:crmeb_java:1.3.4

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-25469

Products

Pricing

Contact Us