Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

39 matches found

Nuclei
Nucleiadded yesterday20 views

Landray EKP - Path Traversal

A vulnerability, which was classified as critical, was found in Landray EKP up to 16.0. This affects the function delPreviewFile of the file /sys/ui/sysuicomponent/sysUiComponent.do?method=delPreviewFile. The manipulation of the argument directoryPath leads to path traversal. It is possible to...

6.9CVSS6AI score0.05597EPSS
Exploits1References3
EUVD
EUVDadded 2025/10/07 12:30 a.m.2 views

EUVD-2021-26503

Malware in sbrugna...

5.4CVSS5.6AI score0.0052EPSS
Exploits1References2
EUVD
EUVDadded 2025/10/03 8:7 p.m.10 views

EUVD-2024-33695

Malicious code in bioql PyPI...

6.9CVSS6.6AI score0.05597EPSS
Exploits1References4
EUVD
EUVDadded 2025/10/03 8:7 p.m.3 views

EUVD-2024-33696

Malicious code in bioql PyPI...

5.5CVSS5.7AI score0.01504EPSS
Exploits1References4
EUVD
EUVDadded 2025/10/03 8:7 p.m.3 views

EUVD-2023-46062

Malicious code in bioql PyPI...

8.1CVSS6.6AI score0.00269EPSS
Exploits0References2
RedhatCVE
RedhatCVEadded 2025/07/19 12:1 a.m.10 views

CVE-2023-41566

OA EKP v16 was discovered to contain an arbitrary download vulnerability via the component /ui/sysuiextend/sysUiExtend.do. This vulnerability allows attackers to obtain the password of the background administrator and further obtain database permissions...

8.1CVSS7.8AI score0.00269EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2025/07/17 12:0 a.m.3 views

CVE-2023-41566

OA EKP v16 was discovered to contain an arbitrary download vulnerability via the component /ui/sysuiextend/sysUiExtend.do. This vulnerability allows attackers to obtain the password of the background administrator and further obtain database permissions...

7.2AI score0.00269EPSS
Exploits0References2
Positive Technologies
Positive Technologiesadded 2025/07/17 12:0 a.m.1 views

PT-2025-29922 · Unknown · Oa Ekp Version 16

Name of the Vulnerable Software and Affected Versions: OA EKP version 16 Description: OA EKP version 16 contains an arbitrary download vulnerability within the /ui/sys ui extend/sysUiExtend.do component. This issue allows attackers to obtain the background administrator password and subsequently...

8.1CVSS6.5AI score0.00269EPSS
Exploits0References5
Cvelist
Cvelistadded 2025/07/17 12:0 a.m.7 views

CVE-2023-41566

OA EKP v16 was discovered to contain an arbitrary download vulnerability via the component /ui/sysuiextend/sysUiExtend.do. This vulnerability allows attackers to obtain the password of the background administrator and further obtain database permissions...

0.00269EPSS
Exploits0References2
CVE
CVEadded 2025/07/17 12:0 a.m.15 views

CVE-2023-41566

CVE-2023-41566 affects OA EKP v16. An arbitrary download vulnerability exists in the component /ui/sys_ui_extend/sysUiExtend.do that can enable attackers to obtain the background administrator password and subsequently gain database permissions. Reported CVSS v3.1 metrics indicate a network-adjac...

8.1CVSS7.3AI score0.00269EPSS
Exploits0References2
RedhatCVE
RedhatCVEadded 2025/05/23 7:50 a.m.7 views

CVE-2024-11239

A vulnerability has been found in Landray EKP up to 16.0 and classified as critical. This vulnerability affects the function deleteFile of the file /sys/common/import.do?method=deleteFile of the component API Interface. The manipulation of the argument folder leads to path traversal. The attack c...

5.5CVSS6.7AI score0.01504EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2025/05/23 6:33 a.m.10 views

CVE-2024-11238

A vulnerability, which was classified as critical, was found in Landray EKP up to 16.0. This affects the function delPreviewFile of the file /sys/ui/sysuicomponent/sysUiComponent.do?method=delPreviewFile. The manipulation of the argument directoryPath leads to path traversal. It is possible to...

6.9CVSS5.3AI score0.05597EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2025/05/22 7:42 p.m.6 views

CVE-2021-3159

A stored cross site scripting XSS vulnerability in the /sys/attachment/uploaderServlet component of Landray EKP V12.0.9.R.20160325 allows attackers to execute arbitrary web scripts or HTML via a crafted SVG, SHTML, or MHT file...

5.4CVSS5.6AI score0.0052EPSS
Exploits1References1
OSV
OSVadded 2024/11/15 2:15 p.m.2 views

CVE-2024-11239

A vulnerability has been found in Landray EKP up to 16.0 and classified as critical. This vulnerability affects the function deleteFile of the file /sys/common/import.do?method=deleteFile of the component API Interface. The manipulation of the argument folder leads to path traversal. The attack c...

4.3CVSS5.4AI score
Exploits0References4
NVD
NVDadded 2024/11/15 2:15 p.m.17 views

CVE-2024-11239

A vulnerability has been found in Landray EKP up to 16.0 and classified as critical. This vulnerability affects the function deleteFile of the file /sys/common/import.do?method=deleteFile of the component API Interface. The manipulation of the argument folder leads to path traversal. The attack c...

5.5CVSS0.01504EPSS
Exploits1References4
CVE
CVEadded 2024/11/15 1:31 p.m.76 views

CVE-2024-11239

CVE-2024-11239 affects Landray EKP up to version 16.0, specifically the API Interface’s deleteFile function at /sys/common/import.do?method=deleteFile. The vulnerability stems from manipulation of the folder argument, enabling path traversal. It can be triggered remotely, and public disclosures e...

5.5CVSS4.9AI score0.01504EPSS
Exploits1References4Affected Software1
Vulnrichment
Vulnrichmentadded 2024/11/15 1:31 p.m.8 views

CVE-2024-11239 Landray EKP API Interface import.do deleteFile path traversal

A vulnerability has been found in Landray EKP up to 16.0 and classified as critical. This vulnerability affects the function deleteFile of the file /sys/common/import.do?method=deleteFile of the component API Interface. The manipulation of the argument folder leads to path traversal. The attack c...

5.5CVSS5.5AI score0.01504EPSS
Exploits1References4
Cvelist
Cvelistadded 2024/11/15 1:31 p.m.18 views

CVE-2024-11239 Landray EKP API Interface import.do deleteFile path traversal

A vulnerability has been found in Landray EKP up to 16.0 and classified as critical. This vulnerability affects the function deleteFile of the file /sys/common/import.do?method=deleteFile of the component API Interface. The manipulation of the argument folder leads to path traversal. The attack c...

5.5CVSS0.01504EPSS
Exploits1References4
OSV
OSVadded 2024/11/15 1:15 p.m.1 views

CVE-2024-11238

A vulnerability, which was classified as critical, was found in Landray EKP up to 16.0. This affects the function delPreviewFile of the file /sys/ui/sysuicomponent/sysUiComponent.do?method=delPreviewFile. The manipulation of the argument directoryPath leads to path traversal. It is possible to...

5.3CVSS5.3AI score
Exploits0References4
NVD
NVDadded 2024/11/15 1:15 p.m.17 views

CVE-2024-11238

A vulnerability, which was classified as critical, was found in Landray EKP up to 16.0. This affects the function delPreviewFile of the file /sys/ui/sysuicomponent/sysUiComponent.do?method=delPreviewFile. The manipulation of the argument directoryPath leads to path traversal. It is possible to...

6.9CVSS0.05597EPSS
Exploits1References4
Rows per page
Query Builder