Lucene search
K

30 matches found

Nuclei
Nuclei
added 14 hours ago22 views

Landray EKP - Path Traversal

A vulnerability, which was classified as critical, was found in Landray EKP up to 16.0. This affects the function delPreviewFile of the file /sys/ui/sysuicomponent/sysUiComponent.do?method=delPreviewFile. The manipulation of the argument directoryPath leads to path traversal. It is possible to...

6.9CVSS5.9AI score0.05597EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2021-26503

Malware in sbrugna...

5.4CVSS5.6AI score0.0052EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-33696

Malicious code in bioql PyPI...

5.5CVSS5.7AI score0.01504EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.13 views

EUVD-2024-33695

Malicious code in bioql PyPI...

6.9CVSS6.6AI score0.05597EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2025/05/23 7:50 a.m.9 views

CVE-2024-11239

A vulnerability has been found in Landray EKP up to 16.0 and classified as critical. This vulnerability affects the function deleteFile of the file /sys/common/import.do?method=deleteFile of the component API Interface. The manipulation of the argument folder leads to path traversal. The attack c...

5.5CVSS6.7AI score0.01504EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 6:33 a.m.14 views

CVE-2024-11238

A vulnerability, which was classified as critical, was found in Landray EKP up to 16.0. This affects the function delPreviewFile of the file /sys/ui/sysuicomponent/sysUiComponent.do?method=delPreviewFile. The manipulation of the argument directoryPath leads to path traversal. It is possible to...

6.9CVSS5.3AI score0.05597EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:42 p.m.8 views

CVE-2021-3159

A stored cross site scripting XSS vulnerability in the /sys/attachment/uploaderServlet component of Landray EKP V12.0.9.R.20160325 allows attackers to execute arbitrary web scripts or HTML via a crafted SVG, SHTML, or MHT file...

5.4CVSS5.6AI score0.0052EPSS
Exploits1References1
NVD
NVD
added 2024/11/15 2:15 p.m.31 views

CVE-2024-11239

A vulnerability has been found in Landray EKP up to 16.0 and classified as critical. This vulnerability affects the function deleteFile of the file /sys/common/import.do?method=deleteFile of the component API Interface. The manipulation of the argument folder leads to path traversal. The attack c...

5.5CVSS0.01504EPSS
Exploits1References4
OSV
OSV
added 2024/11/15 2:15 p.m.3 views

CVE-2024-11239

A vulnerability has been found in Landray EKP up to 16.0 and classified as critical. This vulnerability affects the function deleteFile of the file /sys/common/import.do?method=deleteFile of the component API Interface. The manipulation of the argument folder leads to path traversal. The attack c...

4.3CVSS5.4AI score
Exploits0References4
Vulnrichment
Vulnrichment
added 2024/11/15 1:31 p.m.9 views

CVE-2024-11239 Landray EKP API Interface import.do deleteFile path traversal

A vulnerability has been found in Landray EKP up to 16.0 and classified as critical. This vulnerability affects the function deleteFile of the file /sys/common/import.do?method=deleteFile of the component API Interface. The manipulation of the argument folder leads to path traversal. The attack c...

5.5CVSS5.5AI score0.01504EPSS
Exploits1References4
CVE
CVE
added 2024/11/15 1:31 p.m.78 views

CVE-2024-11239

CVE-2024-11239 affects Landray EKP up to version 16.0, specifically the API Interface’s deleteFile function at /sys/common/import.do?method=deleteFile. The vulnerability stems from manipulation of the folder argument, enabling path traversal. It can be triggered remotely, and public disclosures e...

5.5CVSS4.9AI score0.01504EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2024/11/15 1:31 p.m.29 views

CVE-2024-11239 Landray EKP API Interface import.do deleteFile path traversal

A vulnerability has been found in Landray EKP up to 16.0 and classified as critical. This vulnerability affects the function deleteFile of the file /sys/common/import.do?method=deleteFile of the component API Interface. The manipulation of the argument folder leads to path traversal. The attack c...

5.5CVSS0.01504EPSS
Exploits1References4
NVD
NVD
added 2024/11/15 1:15 p.m.31 views

CVE-2024-11238

A vulnerability, which was classified as critical, was found in Landray EKP up to 16.0. This affects the function delPreviewFile of the file /sys/ui/sysuicomponent/sysUiComponent.do?method=delPreviewFile. The manipulation of the argument directoryPath leads to path traversal. It is possible to...

6.9CVSS0.05597EPSS
Exploits1References4
OSV
OSV
added 2024/11/15 1:15 p.m.5 views

CVE-2024-11238

A vulnerability, which was classified as critical, was found in Landray EKP up to 16.0. This affects the function delPreviewFile of the file /sys/ui/sysuicomponent/sysUiComponent.do?method=delPreviewFile. The manipulation of the argument directoryPath leads to path traversal. It is possible to...

5.3CVSS5.3AI score0.05597EPSS
Exploits1References4
Cvelist
Cvelist
added 2024/11/15 12:31 p.m.33 views

CVE-2024-11238 Landray EKP sysUiComponent.do delPreviewFile path traversal

A vulnerability, which was classified as critical, was found in Landray EKP up to 16.0. This affects the function delPreviewFile of the file /sys/ui/sysuicomponent/sysUiComponent.do?method=delPreviewFile. The manipulation of the argument directoryPath leads to path traversal. It is possible to...

6.9CVSS0.05597EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2024/11/15 12:31 p.m.12 views

CVE-2024-11238 Landray EKP sysUiComponent.do delPreviewFile path traversal

A vulnerability, which was classified as critical, was found in Landray EKP up to 16.0. This affects the function delPreviewFile of the file /sys/ui/sysuicomponent/sysUiComponent.do?method=delPreviewFile. The manipulation of the argument directoryPath leads to path traversal. It is possible to...

6.9CVSS6.5AI score0.05597EPSS
Exploits1References4
CVE
CVE
added 2024/11/15 12:31 p.m.68 views

CVE-2024-11238

Landray EKP up to version 16.0 is affected by a path traversal in delPreviewFile (/sys/ui/sys_ui_component/sysUiComponent.do?method=delPreviewFile) where manipulating the directoryPath argument allows remote exploitation. Public exploits exist; exploitation has been observed (CIRCL sightings). Af...

6.9CVSS5.8AI score0.05597EPSS
In wildExploits1References4Affected Software1
Positive Technologies
Positive Technologies
added 2024/11/15 12:0 a.m.8 views

PT-2024-16847 · Landray · Landray Ekp

Name of the Vulnerable Software and Affected Versions: Landray EKP versions up to 16.0 Description: A critical issue was found in the function delPreviewFile of the file "/sys/ui/sys ui component/sysUiComponent.do?method=delPreviewFile". The manipulation of the directoryPath argument leads to pat...

6.9CVSS6.6AI score0.05597EPSS
Exploits1References11
Positive Technologies
Positive Technologies
added 2024/11/15 12:0 a.m.8 views

PT-2024-16848 · Landray · Landray Ekp

Name of the Vulnerable Software and Affected Versions: Landray EKP versions up to 16.0 Description: A critical vulnerability has been found in Landray EKP, affecting the deleteFile function of the file /sys/common/import.do?method=deleteFile in the API Interface component. The manipulation of the...

5.5CVSS5.8AI score0.01504EPSS
Exploits1References12
CNNVD
CNNVD
added 2024/11/15 12:0 a.m.4 views

Landray EKP 路径遍历漏洞

Landray EKP is an office automation solution from China's Landray Corporation that enables companies to easily model and manage their business. A path traversal vulnerability exists in Landray EKP V16.0 and earlier versions, which stems from the parameter folder in the file...

5.5CVSS5.5AI score0.01504EPSS
Exploits1References4
Rows per page
Query Builder