Lucene search
K

29 matches found

CVE
CVE
added 2024/08/13 8:0 p.m.72 views

CVE-2024-7741

CVE-2024-7741 affects wanglongcn ltcms 1.0.20. The issue is in the API Endpoint function downloadFile (/api/file/downloadfile) where manipulation of the file parameter enables path traversal. The attack could be launched remotely and the exploit has been disclosed publicly. No public details in t...

6.9CVSS5.3AI score0.00945EPSS
Exploits1References4Affected Software1
Vulnrichment
Vulnrichment
added 2024/08/13 8:0 p.m.21 views

CVE-2024-7740 wanglongcn ltcms API Endpoint download server-side request forgery

A vulnerability has been found in wanglongcn ltcms 1.0.20 and classified as critical. This vulnerability affects the function download of the file /api/test/download of the component API Endpoint. The manipulation of the argument url leads to server-side request forgery. The attack can be initiat...

7.5CVSS6.7AI score0.0078EPSS
Exploits1References4
Cvelist
Cvelist
added 2024/08/13 8:0 p.m.35 views

CVE-2024-7740 wanglongcn ltcms API Endpoint download server-side request forgery

A vulnerability has been found in wanglongcn ltcms 1.0.20 and classified as critical. This vulnerability affects the function download of the file /api/test/download of the component API Endpoint. The manipulation of the argument url leads to server-side request forgery. The attack can be initiat...

7.5CVSS0.0078EPSS
Exploits1References4
CVE
CVE
added 2024/08/13 8:0 p.m.78 views

CVE-2024-7740

CVE-2024-7740 — Wanglong LTcms 1.0.20 : A server-side request forgery (SSRF) vulnerability exists in the API Endpoint download function (/api/test/download) triggered by manipulating the url parameter. The issue is exploitable remotely, with public disclosures noted. Affected software: Wanglong L...

9.8CVSS7.2AI score0.0078EPSS
Exploits1References4Affected Software1
Positive Technologies
Positive Technologies
added 2024/08/13 12:0 a.m.7 views

PT-2024-38549 · Wanglongcn · Ltcms

Name of the Vulnerable Software and Affected Versions: wanglongcn ltcms version 1.0.20 Description: A critical issue affects the downloadFile function of the /api/file/downloadfile API Endpoint, where manipulation of the file argument leads to path traversal. This issue can be initiated remotely...

6.9CVSS5.5AI score0.00945EPSS
Exploits1References9
CNNVD
CNNVD
added 2024/08/13 12:0 a.m.3 views

Wanglong LTcms 代码问题漏洞

Wanglong LTcms is an enterprise website builder from China's Wanglong company. A code issue vulnerability exists in Wanglong LTcms version 1.0.20, which stems from an incorrect operation of the parameter file that can lead to server-side request forgery...

9.8CVSS7.5AI score0.00824EPSS
Exploits1References5
CNNVD
CNNVD
added 2024/08/13 12:0 a.m.3 views

Wanglong LTcms 路径遍历漏洞

Wanglong LTcms is an enterprise website builder from China NetDragon Wanglong. A path traversal vulnerability exists in Wanglong LTcms version 1.0.20, which stems from an incorrect operation of the parameter file that can lead to path traversal...

6.9CVSS5.5AI score0.00945EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2024/08/13 12:0 a.m.12 views

PT-2024-38550 · Wanglongcn · Ltcms

Name of the Vulnerable Software and Affected Versions: wanglongcn ltcms version 1.0.20 Description: A critical issue has been found, affecting the multiDownload function of the /api/file/multiDownload API Endpoint. The manipulation of the file argument leads to server-side request forgery, allowi...

9.8CVSS7.4AI score0.00824EPSS
Exploits1References9
CNNVD
CNNVD
added 2024/08/13 12:0 a.m.4 views

Wanglong LTcms 代码问题漏洞

Wanglong LTcms is an enterprise website builder from China's Wanglong company. A code issue vulnerability exists in Wanglong LTcms version 1.0.20, which stems from an incorrect manipulation of the parameter url that can lead to server-side request forgery...

9.8CVSS7.5AI score0.0078EPSS
Exploits1References5
Rows per page
Query Builder