CVE-2024-25469

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2024-25469

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-25469.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2024-25469

Published

2024-02-23T23:15:09Z

Modified

2025-04-26T13:46:55.925025Z

Summary

[none]

Details

SQL Injection vulnerability in CRMEB crmeb_java v.1.3.4 and before allows a remote attacker to obtain sensitive information via the latitude and longitude parameters in the api/front/store/list component.

References

https://github.com/crmeb/crmeb_java/issues/20
https://github.com/crmeb/crmeb_java/

Affected packages

Git / github.com/crmeb/crmeb_java

Affected ranges

Type: GIT
Repo: https://github.com/crmeb/crmeb_java
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Last affected

d3b93d20fd624f587b6fc9ffcb26c3f2ec5ae0e3

Affected versions

v1.*

v1.3.4