cbcvebase.

Wanglongcn Ltcms vulnerabilities

4 known vulnerabilities affecting wanglongcn/ltcms.

Total CVEs
4
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL3MEDIUM1

Vulnerabilities

Page 1 of 1
CVE-2024-7740P2CRITICALCVSS 9.8v1.0.202024-08-13
CVE-2024-7740 [CRITICAL] CWE-918 CVE-2024-7740: A vulnerability has been found in wanglongcn ltcms 1.0.20 and classified as critical. This vulnerabi A vulnerability has been found in wanglongcn ltcms 1.0.20 and classified as critical. This vulnerability affects the function download of the file /api/test/download of the component API Endpoint. The manipulation of the argument url leads to server-side request forgery. The attack can be initiated remotely. The exploit has been disclosed to the pub
nvd
CVE-2024-7743P2CRITICALCVSS 9.8v1.0.202024-08-13
CVE-2024-7743 [CRITICAL] CWE-918 CVE-2024-7743: A vulnerability was found in wanglongcn ltcms 1.0.20. It has been declared as critical. Affected by A vulnerability was found in wanglongcn ltcms 1.0.20. It has been declared as critical. Affected by this vulnerability is the function downloadUrl of the file /api/file/downloadUrl of the component API Endpoint. The manipulation of the argument file leads to server-side request forgery. The attack can be launched remotely. The exploit has been disclo
nvd
CVE-2024-7742P2CRITICALCVSS 9.8v1.0.202024-08-13
CVE-2024-7742 [CRITICAL] CWE-918 CVE-2024-7742: A vulnerability was found in wanglongcn ltcms 1.0.20. It has been classified as critical. Affected i A vulnerability was found in wanglongcn ltcms 1.0.20. It has been classified as critical. Affected is the function multiDownload of the file /api/file/multiDownload of the component API Endpoint. The manipulation of the argument file leads to server-side request forgery. It is possible to launch the attack remotely. The exploit has been disclosed to
nvd
CVE-2024-7741P3MEDIUMCVSS 5.3v1.0.202024-08-13
CVE-2024-7741 [MEDIUM] CWE-22 CVE-2024-7741: A vulnerability was found in wanglongcn ltcms 1.0.20 and classified as critical. This issue affects A vulnerability was found in wanglongcn ltcms 1.0.20 and classified as critical. This issue affects the function downloadFile of the file /api/file/downloadfile of the component API Endpoint. The manipulation of the argument file leads to path traversal. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
nvd
Wanglongcn Ltcms vulnerabilities | cvebase