Lucene search
K

5 matches found

CNVD
CNVD
added 2020/12/08 12:0 a.m.2 views

Huawei HedEx Lite (DM) Path Traversal Vulnerability

Huawei HedEx Lite is a product document manager from Huawei China. The product supports the functions of downloading, managing and reading product documents. A path traversal vulnerability exists in Huawei HedEx Lite DM. An attacker can use the vulnerability to request a local file or resource by...

6.6AI score
Exploits0References1
CNVD
CNVD
added 2017/06/01 12:0 a.m.5 views

Huawei HedEx Lite Cross-Site Request Forgery Vulnerability

Huawei HedEx Lite is a document management software from Huawei China. A cross-site request forgery vulnerability exists in versions prior to Huawei HedEx Lite V200R006C00. An attacker can exploit this vulnerability with malicious scripts to modify the configuration and interfere with legitimate...

8.8CVSS6.7AI score0.00391EPSS
Exploits0References1
CNVD
CNVD
added 2017/06/01 12:0 a.m.4 views

Huawei HedEx Lite Arbitrary File Download Vulnerability

Huawei HedEx Lite is a document management software from Huawei China. An arbitrary file download vulnerability exists in Huawei HedEx Lite versions prior to V200R006C00. An attacker can exploit this vulnerability to download arbitrary files locally and disclose information...

5.5CVSS6.8AI score0.00627EPSS
Exploits0References1
CNVD
CNVD
added 2017/06/01 12:0 a.m.5 views

Huawei HedEx Lite DLL Hijacking Vulnerability

Huawei HedEx Lite is a document management software from Huawei China. A DLL hijacking vulnerability exists in Huawei HedEx Lite versions prior to V200R006C00, which originates from accessing a relative path to call a DLL file during HedEx operation. A remote attacker could exploit this...

9.3CVSS6.7AI score0.00726EPSS
Exploits0References1
CNVD
CNVD
added 2017/06/01 12:0 a.m.5 views

Huawei HedEx Lite Cross-Site Scripting Vulnerability

Huawei HedEx Lite is a document management software from Huawei China. A cross-site scripting vulnerability exists in versions prior to Huawei HedEx Lite V200R006C00. A remote attacker can exploit this vulnerability to embed malicious scripts into the device's configuration file and interfere wit...

6.1CVSS6.2AI score0.00529EPSS
Exploits0References1
Rows per page
Query Builder