40 matches found
EUVD-2024-35185
Malicious code in bioql PyPI...
EUVD-2023-28279
Malicious code in bioql PyPI...
EUVD-2023-28280
Malicious code in bioql PyPI...
EUVD-2023-28278
Malicious code in bioql PyPI...
CVE-2024-33118
LuckyFrameWeb v3.5.2 was discovered to contain an arbitrary read vulnerability via the fileDownload method in class com.luckyframe.project.common.CommonController...
CVE-2023-24220
LuckyframeWEB v3.5 was discovered to contain a SQL injection vulnerability via the dataScope parameter at /system/RoleMapper.xml...
CVE-2023-24221
LuckyframeWEB v3.5 was discovered to contain a SQL injection vulnerability via the dataScope parameter at /system/DeptMapper.xml...
CVE-2023-24219
LuckyframeWEB v3.5 was discovered to contain a SQL injection vulnerability via the dataScope parameter at /system/UserMapper.xml...
CVE-2024-35081
LuckyFrameWeb v3.5.2 was discovered to contain an arbitrary file deletion vulnerability via the fileName parameter in the fileDownload method...
CVE-2024-35081
LuckyFrameWeb v3.5.2 was discovered to contain an arbitrary file deletion vulnerability via the fileName parameter in the fileDownload method...
CVE-2024-35081
LuckyFrameWeb v3.5.2 was discovered to contain an arbitrary file deletion vulnerability via the fileName parameter in the fileDownload method...
CVE-2024-35081
LuckyFrameWeb v3.5.2 was discovered to contain an arbitrary file deletion vulnerability via the fileName parameter in the fileDownload method...
CVE-2024-35081
LuckyFrameWeb v3.5.2 is affected by CVE-2024-35081: an arbitrary file deletion vulnerability exposed through the fileName parameter in the fileDownload method. The issue allows deletion of files and is described as a security vulnerability with high integrity impact (I: high) while confidentialit...
CVE-2024-35081
LuckyFrameWeb v3.5.2 was discovered to contain an arbitrary file deletion vulnerability via the fileName parameter in the fileDownload method...
LuckyFrameWeb 安全漏洞
LuckyFrameWeb is an open source testing platform open source by LuckyFrameWeb. A security vulnerability exists in LuckyFrameWeb version v3.5.2, which originates from an arbitrary file deletion via the fileName parameter in the fileDownload method...
PT-2024-26310 · Unknown · Luckyframeweb
Name of the Vulnerable Software and Affected Versions: LuckyFrameWeb version 3.5.2 Description: The issue allows for arbitrary file deletion via the fileName parameter in the fileDownload method. Recommendations: For version 3.5.2, avoid using the fileName parameter in the fileDownload method unt...
CVE-2024-33118
LuckyFrameWeb v3.5.2 was discovered to contain an arbitrary read vulnerability via the fileDownload method in class com.luckyframe.project.common.CommonController...
PT-2024-25120 · Unknown · Luckyframeweb
Name of the Vulnerable Software and Affected Versions: LuckyFrameWeb version 3.5.2 Description: The issue is related to an arbitrary read vulnerability. It affects the fileDownload method in the class com.luckyframe.project.common.CommonController. Recommendations: For LuckyFrameWeb version 3.5.2...
LuckyFrameWeb 安全漏洞
LuckyFrameWeb is an open source testing platform open-sourced by LuckyFrameWeb. A security vulnerability exists in LuckyFrameWeb version v3.5.2, which was discovered to contain an arbitrary read vulnerability via the fileDownload method in the com.luckyframe.project.common.CommonController class...
CVE-2024-33118
LuckyFrameWeb v3.5.2 is affected by an arbitrary read in the fileDownload method of com.luckyframe.project.common.CommonController. Evidence from multiple sources confirms the vulnerable version and component, with CVSSv3.1 base score 7.5 (HIGH) and network attack vector. Technical details across...