CVE-2025-15443 | CRMEB up to 5.6.1 product_export cate_id sql injection

Uncategorized
Yanac

A vulnerability was found in CRMEB up to 5.6.1. It has been declared as critical. This issue affects some unknown processing of the file /adminapi/product/product_export. Such manipulation of the argument cate_id leads to sql injection.

This vulnerability is traded as CVE-2025-15443. The attack may be launched remotely. Furthermore, there is an exploit available.

The vendor was contacted early about this disclosure but did not respond in any way.VulDB Recent EntriesRead More