cbcvebase.

Landray Ekp vulnerabilities

3 known vulnerabilities affecting landray/landray_ekp.

Total CVEs
3
CISA KEV
0
Public exploits
1
Exploited in wild
1
Severity breakdown
MEDIUM3

Vulnerabilities

Page 1 of 1
CVE-2024-11238P1MEDIUMCVSS 5.3ExploitedPoC≤ 16.02024-11-15
CVE-2024-11238 [MEDIUM] CWE-22 CVE-2024-11238: A vulnerability, which was classified as critical, was found in Landray EKP up to 16.0. This affects A vulnerability, which was classified as critical, was found in Landray EKP up to 16.0. This affects the function delPreviewFile of the file /sys/ui/sys_ui_component/sysUiComponent.do?method=delPreviewFile. The manipulation of the argument directoryPath leads to path traversal. It is possible to initiate the attack remotely. The exploit has been disc
nvd
CVE-2024-11239P4MEDIUMCVSS 4.3≤ 16.02024-11-15
CVE-2024-11239 [MEDIUM] CWE-22 CVE-2024-11239: A vulnerability has been found in Landray EKP up to 16.0 and classified as critical. This vulnerabil A vulnerability has been found in Landray EKP up to 16.0 and classified as critical. This vulnerability affects the function deleteFile of the file /sys/common/import.do?method=deleteFile of the component API Interface. The manipulation of the argument folder leads to path traversal. The attack can be initiated remotely. The exploit has been disclose
nvd
CVE-2021-3159P4MEDIUMCVSS 5.4v12.0.9.r.201603252021-07-23
CVE-2021-3159 [MEDIUM] CWE-79 CVE-2021-3159: A stored cross site scripting (XSS) vulnerability in the /sys/attachment/uploaderServlet component o A stored cross site scripting (XSS) vulnerability in the /sys/attachment/uploaderServlet component of Landray EKP V12.0.9.R.20160325 allows attackers to execute arbitrary web scripts or HTML via a crafted SVG, SHTML, or MHT file.
nvd
Landray Ekp vulnerabilities | cvebase