CVE-2024-36837

Publication date

2024-06-05 00:00:00

Family

mitre

State

PUBLISHED

Description

SQL Injection vulnerability in CRMEB v.5.2.2 allows a remote attacker to obtain sensitive information via the getProductList function in the ProductController.php file.