CVE-2020-21787
CRITICAL
9.8
CVSS Severity Score
Vulnerability Description
CRMEB 3.1.0+ is vulnerable to File Upload Getshell via /crmeb/crmeb/services/UploadService.php.
Affected Platforms (CPE)
📦
Crmeb
返回 CVE 浏览器
相关漏洞威胁
CVE-2020-254669.8
A SSRF vulnerability exists in the downloadimage interface of CRMEB 3.0, which can remotely download arbitrary files on the server...
CVE-2020-213948.8
SQL Injection vulnerability in Zhong Bang Technology Co., Ltd CRMEB mall system V2.60 and V3.1 via the tablename parameter in Syst...
CVE-2020-217884.3
In CRMEB 3.1.0+ strict domain name filtering leads to SSRF(Server-Side Request Forgery). The vulnerable code is in file /crmeb/app...
CVE-2020-628710.0
SAP NetWeaver AS JAVA (LM Configuration Wizard), versions - 7.30, 7.31, 7.40, 7.50, does not perform an authentication check which...