CVE-2024-28714 - SQL Injection vulnerability in CRMEB_Java e-commerce system v.1.3.4 allows an attacker to execute ar

CVE-2024-28714

Summary

SQL Injection vulnerability in CRMEB_Java e-commerce system v.1.3.4 allows an attacker to execute arbitrary code via the groupid parameter.

References

Vulnerable Configurations

CVSS

Access

Vector	Complexity	Authentication

Impact

Confidentiality	Integrity	Availability

Last major update

29-03-2024 - 12:45

Published

28-03-2024 - 23:15

Last modified

29-03-2024 - 12:45