Security Advisory
CVE-2024-28714
CVE vulnerability detail — eXtreme Datacenter Security Operations
Description
SQL Injection vulnerability in CRMEB_Java e-commerce system v.1.3.4 allows an attacker to execute arbitrary code via the groupid parameter.