CVE-2024-36837 | CRMEB 5.2.2 ProductController.php getProductList information disclosure

Inserito da Angelo Barbosa | Giu 5, 2024 | CVE

A vulnerability classified as problematic was found in CRMEB 5.2.2. Affected by this vulnerability is the function getProductList of the file ProductController.php. The manipulation leads to information disclosure.

This vulnerability is known as CVE-2024-36837. The attack can be launched remotely. There is no exploit available.

CVE-2024-36837 | CRMEB 5.2.2 ProductController.php getProductList information disclosure

Post correlati

CVE-2021-47288 | Linux Kernel up to 5.13.5 media string.h ngene_command_config_free_buf array index

CVE-2024-37890 | websockets ws up to 5.2.3/6.2.2/7.5.9/8.17.0 on Node.js Request Header null pointer dereference

CVE-2024-41376 | dzzoffice 2.02.1 user/space/about.php path traversal (Issue 252)

CVE-2024-27827 | Apple macOS up to 14.4 App state issue (HT214106)