Security Advisory

CVE-2024-28714

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-03-28 00:00:00
Last updated 2024-08-19 07:47:58
Assigner mitre
State PUBLISHED

Description

SQL Injection vulnerability in CRMEB_Java e-commerce system v.1.3.4 allows an attacker to execute arbitrary code via the groupid parameter.