CVE-2024-0989
CVE-2024-0989 affects Sichuan Yougou Technology KuERP up to v1.0.4. The del_sn_db function in /application/index/controller/Service.php processes the file argument leading to path traversal (example '../filedir'). The exploit has been disclosed publicly. Impact per CVSSv3.1: Network, no user inte...