High severity8.1NVD Advisory· Published Mar 28, 2024· Updated Jul 9, 2026
CVE-2024-28714
CVE-2024-28714
Description
SQL Injection vulnerability in CRMEB_Java e-commerce system v.1.3.4 allows an attacker to execute arbitrary code via the groupid parameter.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- CRMEB_Java/e-commerce systemdescription
- Range: =1.3.4
Patches
Vulnerability mechanics
References
3- github.com/JiangXiaoBaiJia/cve2/blob/main/1.mdnvdExploitThird Party Advisory
- github.com/JiangXiaoBaiJia/cve2/blob/main/a.pngnvdExploit
- www.vicarius.io/vsociety/posts/ssti-in-mblog-351-a-tale-of-a-glorified-rce-cve-2024-28713-28714nvdNot Applicable
News mentions
0No linked articles in our index yet.