29 matches found
CVE-2024-7741
CVE-2024-7741 affects wanglongcn ltcms 1.0.20. The issue is in the API Endpoint function downloadFile (/api/file/downloadfile) where manipulation of the file parameter enables path traversal. The attack could be launched remotely and the exploit has been disclosed publicly. No public details in t...
CVE-2024-7740 wanglongcn ltcms API Endpoint download server-side request forgery
A vulnerability has been found in wanglongcn ltcms 1.0.20 and classified as critical. This vulnerability affects the function download of the file /api/test/download of the component API Endpoint. The manipulation of the argument url leads to server-side request forgery. The attack can be initiat...
CVE-2024-7740 wanglongcn ltcms API Endpoint download server-side request forgery
A vulnerability has been found in wanglongcn ltcms 1.0.20 and classified as critical. This vulnerability affects the function download of the file /api/test/download of the component API Endpoint. The manipulation of the argument url leads to server-side request forgery. The attack can be initiat...
CVE-2024-7740
CVE-2024-7740 — Wanglong LTcms 1.0.20 : A server-side request forgery (SSRF) vulnerability exists in the API Endpoint download function (/api/test/download) triggered by manipulating the url parameter. The issue is exploitable remotely, with public disclosures noted. Affected software: Wanglong L...
PT-2024-38549 · Wanglongcn · Ltcms
Name of the Vulnerable Software and Affected Versions: wanglongcn ltcms version 1.0.20 Description: A critical issue affects the downloadFile function of the /api/file/downloadfile API Endpoint, where manipulation of the file argument leads to path traversal. This issue can be initiated remotely...
Wanglong LTcms 代码问题漏洞
Wanglong LTcms is an enterprise website builder from China's Wanglong company. A code issue vulnerability exists in Wanglong LTcms version 1.0.20, which stems from an incorrect operation of the parameter file that can lead to server-side request forgery...
Wanglong LTcms 路径遍历漏洞
Wanglong LTcms is an enterprise website builder from China NetDragon Wanglong. A path traversal vulnerability exists in Wanglong LTcms version 1.0.20, which stems from an incorrect operation of the parameter file that can lead to path traversal...
PT-2024-38550 · Wanglongcn · Ltcms
Name of the Vulnerable Software and Affected Versions: wanglongcn ltcms version 1.0.20 Description: A critical issue has been found, affecting the multiDownload function of the /api/file/multiDownload API Endpoint. The manipulation of the file argument leads to server-side request forgery, allowi...
Wanglong LTcms 代码问题漏洞
Wanglong LTcms is an enterprise website builder from China's Wanglong company. A code issue vulnerability exists in Wanglong LTcms version 1.0.20, which stems from an incorrect manipulation of the parameter url that can lead to server-side request forgery...