CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-50653

CRMEB <=5.4.0 is vulnerable to Incorrect Access Control. Users can bypass the front-end restriction of only being able to claim coupons once by capturing packets and sending a large number of data packets for coupon collection, achieving unlimited coupon collection.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 20.0%

CVSS Severity

CVSS v3 Score 7.5

References

Products affected by CVE-2024-50653

Crmeb » Crmeb » Version: N/A

cpe:2.3:a:crmeb:crmeb:-
Crmeb » Crmeb » Version: 2.0

cpe:2.3:a:crmeb:crmeb:2.0
Crmeb » Crmeb » Version: 2.5.2

cpe:2.3:a:crmeb:crmeb:2.5.2
Crmeb » Crmeb » Version: 2.5.3

cpe:2.3:a:crmeb:crmeb:2.5.3
Crmeb » Crmeb » Version: 2.5.35

cpe:2.3:a:crmeb:crmeb:2.5.35
Crmeb » Crmeb » Version: 2.5.36

cpe:2.3:a:crmeb:crmeb:2.5.36
Crmeb » Crmeb » Version: 2.6

cpe:2.3:a:crmeb:crmeb:2.6
Crmeb » Crmeb » Version: 2.6.0

cpe:2.3:a:crmeb:crmeb:2.6.0
Crmeb » Crmeb » Version: 2.6.13

cpe:2.3:a:crmeb:crmeb:2.6.13
Crmeb » Crmeb » Version: 2.60

cpe:2.3:a:crmeb:crmeb:2.60
Crmeb » Crmeb » Version: 3.0

cpe:2.3:a:crmeb:crmeb:3.0
Crmeb » Crmeb » Version: 3.1

cpe:2.3:a:crmeb:crmeb:3.1
Crmeb » Crmeb » Version: 3.1.0+

cpe:2.3:a:crmeb:crmeb:3.1.0+
Crmeb » Crmeb » Version: 3.2.8

cpe:2.3:a:crmeb:crmeb:3.2.8
Crmeb » Crmeb » Version: 4.4.0

cpe:2.3:a:crmeb:crmeb:4.4.0
Crmeb » Crmeb » Version: 4.4.2

cpe:2.3:a:crmeb:crmeb:4.4.2
Crmeb » Crmeb » Version: 4.4.4

cpe:2.3:a:crmeb:crmeb:4.4.4
Crmeb » Crmeb » Version: 4.6.0

cpe:2.3:a:crmeb:crmeb:4.6.0
Crmeb » Crmeb » Version: 4.7.0

cpe:2.3:a:crmeb:crmeb:4.7.0
Crmeb » Crmeb » Version: 5.2.0

cpe:2.3:a:crmeb:crmeb:5.2.0
Crmeb » Crmeb » Version: 5.2.2

cpe:2.3:a:crmeb:crmeb:5.2.2
Crmeb » Crmeb » Version: 5.3.0

cpe:2.3:a:crmeb:crmeb:5.3.0
Crmeb » Crmeb » Version: 5.4.0

cpe:2.3:a:crmeb:crmeb:5.4.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-50653

Products

Pricing

Contact Us