Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Lemon Security Vulnerabilities

cve
cve

CVE-2018-18315

com/mossle/cdn/CdnController.java in lemon 1.9.0 allows attackers to upload arbitrary files because the copyMultipartFileToFile method in CdnUtils only checks for a ../ substring, and does not validate the file type and spaceName parameter.

7.5CVSS

7.5AI Score

0.001EPSS

2018-10-15 04:29 AM
22
cve
cve

CVE-2020-20597

A cross-site scripting (XSS) vulnerability in the potrtalItemName parameter in \web\PortalController.java of lemon V1.10.0 allows attackers to execute arbitrary web scripts or HTML.

6.1CVSS

6AI Score

0.001EPSS

2021-12-22 11:15 PM
29
cve
cve

CVE-2020-20598

A cross-site scripting (XSS) vulnerability in the Editing component of lemon V1.10.0 allows attackers to execute arbitrary web scripts or HTML.

6.1CVSS

6AI Score

0.001EPSS

2021-12-22 11:15 PM
28