Lucene search
+L

28 matches found

Vulnrichment
Vulnrichment
added 2023/09/14 12:0 a.m.7 views

CVE-2023-42180

An arbitrary file upload vulnerability in the /user/upload component of lenosp 1.0-1.2.0 allows attackers to execute html code via a crafted JPG file...

7.3AI score0.00618EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2023/09/14 12:0 a.m.5 views

PT-2023-28285

Name of the Vulnerable Software and Affected Versions Lenosp versions 1.0.0 through 1.2.0 Description The issue concerns SQL Injection via the log query module. Recommendations For versions 1.0.0 through 1.2.0, consider restricting access to the log query module to minimize the risk of...

6.5CVSS6.8AI score0.00484EPSS
Exploits1References5
Cvelist
Cvelist
added 2023/09/14 12:0 a.m.33 views

CVE-2023-42178

Lenosp 1.0.0-1.2.0 is vulnerable to SQL Injection via the log query module...

7.2AI score0.00484EPSS
Exploits1References2
Cvelist
Cvelist
added 2023/09/14 12:0 a.m.19 views

CVE-2023-42180

An arbitrary file upload vulnerability in the /user/upload component of lenosp 1.0-1.2.0 allows attackers to execute html code via a crafted JPG file...

8.8AI score0.00618EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2023/09/14 12:0 a.m.13 views

CVE-2023-42178

Lenosp 1.0.0-1.2.0 is vulnerable to SQL Injection via the log query module...

8.1AI score0.00484EPSS
Exploits1References2
CNNVD
CNNVD
added 2023/09/14 12:0 a.m.5 views

Lenosp SQL Injection Vulnerability

Lenosp is a Spring Boot 2.0 rapid development modular scaffolding organized by Zhengzhou Programmers zzdevelop in China. A security vulnerability exists in Lenosp versions 1.0.0 through 1.2.0, which stems from easy SQL injection via the Log Query module...

6.5CVSS7.9AI score0.00484EPSS
Exploits1References4
CVE
CVE
added 2023/09/14 12:0 a.m.31 views

CVE-2023-42178

Lenosp versions 1.0.0–1.2.0 are vulnerable to SQL Injection via the log query module. The connected documents confirm the affected range and the module as the entry point, but do not provide exploit specifics. PT-2023-28285 suggests restricting access to the log query module as a mitigation until...

6.5CVSS6.9AI score0.00484EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2023/09/14 12:0 a.m.29 views

CVE-2023-42180

CVE-2023-42180 affects lenosp versions 1.0–1.2.0. The vulnerability is an arbitrary file upload in the /user/upload component that allows an attacker to execute HTML code through a crafted JPG file. This is a root-cause issue in handling file uploads rather than a traditional code-path flaw, as r...

8.8CVSS8.6AI score0.00618EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder