6 matches found
CVE-2026-0571
CVE-2026-0571 affects yeqifu warehouse. The vulnerability is in AppFileUtils.java: createResponseEntity, where improper handling of the path argument enables path traversal. The issue can be exploited remotely, and public PoC/ exploits have been published. No version details are provided for affe...
CVE-2026-0571 yeqifu warehouse AppFileUtils.java createResponseEntity path traversal
A security flaw has been discovered in yeqifu warehouse up to aaf29962ba407d22d991781de28796ee7b4670e4. Affected by this issue is the function createResponseEntity of the file warehouse\src\main\java\com\yeqifu\sys\common\AppFileUtils.java. The manipulation of the argument path results in path...
CVE-2026-0571 yeqifu warehouse AppFileUtils.java createResponseEntity path traversal
A security flaw has been discovered in yeqifu warehouse up to aaf29962ba407d22d991781de28796ee7b4670e4. Affected by this issue is the function createResponseEntity of the file warehouse\src\main\java\com\yeqifu\sys\common\AppFileUtils.java. The manipulation of the argument path results in path...
CVE-2025-9650
A vulnerability has been found in yeqifu carRental up to 3fabb7eae93d209426638863980301d6f99866b3. This affects the function removeFileByPath of the file src/main/java/com/yeqifu/sys/utils/AppFileUtils.java. The manipulation of the argument carimg leads to path traversal. The attack is possible t...
CVE-2025-9650
A vulnerability has been found in yeqifu carRental up to 3fabb7eae93d209426638863980301d6f99866b3. This affects the function removeFileByPath of the file src/main/java/com/yeqifu/sys/utils/AppFileUtils.java. The manipulation of the argument carimg leads to path traversal. The attack is possible t...
CVE-2025-9650
CVE-2025-9650 affects yeqifu carRental; the path traversal flaw is in AppFileUtils.removeFileByPath (taking carimg) and is remotely exploitable with a disclosed exploit. Connected sources corroborate the vulnerability in versions up to 3fabb7eae93d209426638863980301d6f99866b3. Practical impact in...