3 matches found
CVE-2024-13984
QiAnXin TianQing Management Center versions up to and including 6.7.0.4130 contain a path traversal vulnerability in the rptsvr component that allows unauthenticated attackers to upload files to arbitrary locations on the server. The /rptsvr/upload endpoint fails to sanitize the filename paramete...
CVE-2024-13984 Qi'anxin TianQing Management Center rptsvr Arbitrary File Upload
QiAnXin TianQing Management Center versions up to and including 6.7.0.4130 contain a path traversal vulnerability in the rptsvr component that allows unauthenticated attackers to upload files to arbitrary locations on the server. The /rptsvr/upload endpoint fails to sanitize the filename paramete...
PT-2025-34941 · Qi Anxin · Qianxin Tianqing Management Center
Name of the Vulnerable Software and Affected Versions: QiAnXin TianQing Management Center versions up to and including 6.7.0.4130 Description: QiAnXin TianQing Management Center versions up to and including 6.7.0.4130 contain a path traversal vulnerability in the rptsvr component. Unauthenticated...