CVE-2025-15432

A vulnerability has been found in yeqifu carRental up to 3fabb7eae93d209426638863980301d6f99866b3. This vulnerability affects the function downloadShowFile of the file /file/downloadShowFile.action of the component com.yeqifu.sys.controller.FileController. The manipulation of the argument path...

CVE-2025-15432

A vulnerability has been found in yeqifu carRental up to 3fabb7eae93d209426638863980301d6f99866b3. This vulnerability affects the function downloadShowFile of the file /file/downloadShowFile.action of the component com.yeqifu.sys.controller.FileController. The manipulation of the argument path...

CVE-2025-15432 yeqifu carRental com.yeqifu.sys.controller.FileController downloadShowFile.action downloadShowFile path traversal

A vulnerability has been found in yeqifu carRental up to 3fabb7eae93d209426638863980301d6f99866b3. This vulnerability affects the function downloadShowFile of the file /file/downloadShowFile.action of the component com.yeqifu.sys.controller.FileController. The manipulation of the argument path...

CVE-2025-15432

The CVE-2025-15432 issue affects yeqifu carRental, specifically the function downloadShowFile in /file/downloadShowFile.action of the com.yeqifu.sys.controller.FileController. The root cause is path traversal caused by manipulation of the path argument, allowing remote exploitation. Several sourc...

PT-2026-1054

Name of the Vulnerable Software and Affected Versions yeqifu carRental affected versions not specified Description A path traversal issue exists due to the manipulation of the path argument within the downloadShowFile function located in /file/downloadShowFile.action of the...

carRental 路径遍历漏洞

carRental is a car rental software from carRental, Inc. A path traversal vulnerability exists in carRental, which stems from a misuse of the parameter path in file/file/downloadShowFile.action, which could lead to a path traversal attack...