Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
prionPRIOn knowledge basePRION:CVE-2024-0989
HistoryJan 29, 2024 - 1:15 a.m.

Path traversal

2024-01-2901:15:00
PRIOn knowledge base
www.prio-n.com
5
path traversal vulnerability
sichuan yougou technology kuerp
version 1.0.4
del_sn_db function
service.php
file manipulation
exploit disclosure
vdb-252254
non-responsive vendor

7 High

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

59.3%

JSON

A vulnerability, which was classified as problematic, has been found in Sichuan Yougou Technology KuERP up to 1.0.4. Affected by this issue is the function del_sn_db of the file /application/index/controller/Service.php. The manipulation of the argument file leads to path traversal: ‘…/filedir’. The exploit has been disclosed to the public and may be used. VDB-252254 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CPENameOperatorVersion
kuerple1.0.4

Related

nvd 1
cvelist 1
cve 1
nvd
nvd
CVE-2024-0989
2024-01-29 01:15:07
cvelist
cvelist
CVE-2024-0989 Sichuan Yougou Technology KuERP Service.php del_sn_db path traversal
2024-01-29 00:31:03
cve
cve
CVE-2024-0989
2024-01-29 01:15:07

7 High

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

59.3%

JSON
Related for PRION:CVE-2024-0989
nvd1cvelist1cve1