Vulnerabilities

CVE-2025-15443 - CRMEB product_export sql injection

2026-01-04 0 views admin

CVE ID : CVE-2025-15443 Published : Jan. 4, 2026, 12:15 p.m. | 26 minutes ago Description : A vulnerability was identified in CRMEB up to 5.6.1. This issue affects some unknown processing of the file /adminapi/product/product_export. Such manipulation of the argument cate_id leads to sql injection. The attack may be launched remotely. The exploit is publicly available and might be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 5.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVE Details

CVE ID

CVE-2025-15443

Severity

MEDIUM

Published

Jan. 4, 2026

Impact: sql injection

Source: Telegram CVE Monitor

🏷️ Tags

cvevulnerabilitysecuritycybersecuritycve-2025-15443medium

CVE-2025-15443 - CRMEB product_export sql injection

CVE Details

🏷️ Tags

More from Vulnerabilities

Essential Guide: CVE-2025-15458 - bg5sbk MiniCMS Article post-edit.php improper authentication

CVE-2025-14124 - Team < 5.0.11 - Unauthenticated SQLi

Latest: CVE-2025-15460 - UTT 进取 520W formPptpClientConfig strcpy buffer overflow

Report: CVE-2025-15459 - UTT 进取 520W formUser strcpy buffer overflow

Trending

CVE-2025-61481: Critical Remote Code Execution Vulnerability in MikroTik RouterOS & SwitchOS

CVE-2025-43939: Dell Unity OS Command Injection (High)

Google disputes false claims of massive Gmail data breach

Microsoft: DNS outage impacts Azure and Microsoft 365 services

3.5B Accounts, 1 Critical Flaw: Meta Closes WhatsApp Data-Harvesting