Kuerp@* Security Vulnerabilities and Issues — Kuerp@* CVE List

Lucene search

Kuerp ProjectKuerp*

3 matches found

CVE•added 2024/01/29 12:15 a.m.•42 views

CVE-2024-0987

A vulnerability classified as critical has been found in Sichuan Yougou Technology KuERP up to 1.0.4. Affected is an unknown function of the file /runtime/log. The manipulation leads to improper output neutralization for logs. The exploit has been disclosed to the public and may be used. The identi...

9.8CVSS9.5AI score0.00181EPSS

CVE•added 2024/01/29 12:15 a.m.•35 views

CVE-2024-0988

A vulnerability classified as critical was found in Sichuan Yougou Technology KuERP up to 1.0.4. Affected by this vulnerability is the function checklogin of the file /application/index/common.php. The manipulation of the argument App_User_id/App_user_Token leads to improper authentication. The exp...

9.8CVSS9.4AI score0.00168EPSS

CVE•added 2024/01/29 1:15 a.m.•26 views

CVE-2024-0989

A vulnerability, which was classified as problematic, has been found in Sichuan Yougou Technology KuERP up to 1.0.4. Affected by this issue is the function del_sn_db of the file /application/index/controller/Service.php. The manipulation of the argument file leads to path traversal: '../filedir'. T...

9.8CVSS9.3AI score0.00111EPSS