浏览 22+ 条来自 NVD 与 CNNVD 的 CVE 漏洞,配 AI 中文翻译、AI POC 生成、每日情报;可按厂商、产品、严重等级、CWE 检索。
| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-1734 | Zhong Bang CRMEB crontab Endpoint CrontabController.php authorization | Zhong Bang | CRMEB | Medium | 5.3 | 2026-02-01 23:32:06 | Deep Dive |
| CVE-2026-1733 | Zhong Bang CRMEB :uni tidyOrder improper authorization | Zhong Bang | CRMEB | Medium | 4.3 | 2026-02-01 23:02:07 | Deep Dive |
| CVE-2026-1203 | CRMEB JSON Token LoginServices.php remoteRegister improper authentication | - | CRMEB | Medium | 5.6 | 2026-01-20 01:02:09 | Deep Dive |
| CVE-2026-1202 | CRMEB LoginController.php appleLogin improper authentication | - | CRMEB | High | 7.3 | 2026-01-20 01:02:06 | Deep Dive |
| CVE-2025-15443 | CRMEB product_export sql injection | - | CRMEB | Medium | 4.7 | 2026-01-04 11:32:06 | Deep Dive |
| CVE-2025-15442 | CRMEB product_list sql injection | - | CRMEB | Medium | 4.7 | 2026-01-04 11:02:06 | Deep Dive |
| CVE-2025-11290 | CRMEB JWT HMAC Secret hard-coded key | - | CRMEB | Medium | 5.6 | 2025-10-05 11:32:05 | Deep Dive |
| CVE-2025-11288 | CRMEB GET Parameter product sql injection | - | CRMEB | Medium | 6.3 | 2025-10-05 07:32:07 | Deep Dive |
| CVE-2025-10391 | CRMEB OutAccountServices.php testOutUrl server-side request forgery | - | CRMEB | Medium | 6.3 | 2025-09-14 05:02:07 | Deep Dive |
| CVE-2025-10390 | CRMEB UserAddressServices.php editAddress improper authorization | - | CRMEB | Medium | 5.4 | 2025-09-14 04:32:05 | Deep Dive |
| CVE-2025-10389 | CRMEB Administrator Password SystemAdminServices.php save improper authorization | - | CRMEB | Medium | 5.4 | 2025-09-14 04:02:06 | Deep Dive |
| CVE-2024-6944 | ZhongBangKeJi CRMEB PublicController.php get_image_base64 deserialization | ZhongBangKeJi | CRMEB | Medium | 6.3 | 2024-07-21 07:31:04 | Deep Dive |
| CVE-2024-6943 | ZhongBangKeJi CRMEB CopyTaobaoServices.php downloadImage deserialization | ZhongBangKeJi | CRMEB | Medium | 6.3 | 2024-07-21 07:00:07 | Deep Dive |
| CVE-2024-1704 | ZhongBangKeJi CRMEB crud delete path traversal | ZhongBangKeJi | CRMEB | Medium | 5.5 | 2024-02-21 17:31:04 | Deep Dive |
| CVE-2024-1703 | ZhongBangKeJi CRMEB openfile absolute path traversal | ZhongBangKeJi | CRMEB | Low | 3.5 | 2024-02-21 17:00:10 | Deep Dive |
| CVE-2023-3234 | Zhong Bang CRMEB PublicController.php put_image deserialization | Zhong Bang | CRMEB | Medium | 4.3 | 2023-06-14 06:31:04 | Deep Dive |
| CVE-2023-3233 | Zhong Bang CRMEB PublicController.php get_image_base64 server-side request forgery | Zhong Bang | CRMEB | Medium | 6.3 | 2023-06-14 06:31:03 | Deep Dive |
| CVE-2023-3232 | Zhong Bang CRMEB Image Upload app_auth deserialization | Zhong Bang | CRMEB | Medium | 6.3 | 2023-06-14 06:00:04 | Deep Dive |
| CVE-2023-2419 | Zhong Bang CRMEB SystemAttachmentServices.php videoUpload unrestricted upload | Zhong Bang | CRMEB | Medium | 4.7 | 2023-04-29 01:00:06 | Deep Dive |
| CVE-2023-1609 | Zhong Bang CRMEB Java save cross site scripting | Zhong Bang | CRMEB Java | Low | 3.5 | 2023-03-23 20:00:05 | Deep Dive |