Approved changes feed: RSS · Atom

cpe:2.3:a:100296:qdbcrm:1.1.0:*:*:*:*:*:*:*

part: a version: 1.1.0 update: *

Vendor100296 (323fc9bf-5bbf-5706-8d73-5a503a5aae2c)
ProductQdbcrm (73e3a07c-fc05-5439-925b-faf7cab396e3)
Edition*
Language*
Software edition*
Target software*
Target hardware*
Other*
NotesImported from NVD CPE 2.0 feed

PURL mappings

PURLSourceLast updated
No PURL mappings for this CPE yet.

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2024-0880 vulnerable 2026-06-08 06:22:03.052471 Qidianbang qdbcrm Password Reset cross-site request forgery
MEDIUM (4.3)
A vulnerability was found in Qidianbang qdbcrm 1.1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /user/edit?id=2 of the component Password Reset. The manipulation leads to cross-site request forgery. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-252032. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
Published: 2024-01-25T17:31:04.024Z
Updated: 2025-06-03T18:21:19.930Z
Reference links
Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.