A vulnerability was found in ZhongBangKeJi CRMEB 5.2.2....
Low severity
Unreviewed
Published
Feb 21, 2024
to the GitHub Advisory Database
•
Updated Dec 5, 2024
Description
Published by the National Vulnerability Database
Feb 21, 2024
Published to the GitHub Advisory Database
Feb 21, 2024
Last updated
Dec 5, 2024
A vulnerability was found in ZhongBangKeJi CRMEB 5.2.2. It has been classified as problematic. This affects the function openfile of the file /adminapi/system/file/openfile. The manipulation leads to absolute path traversal. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-254391. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
References