Security Advisory

CVE-2024-7742

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-08-13 21:00:04

Last updated 2024-08-15 18:36:28

Assigner VulDB

State PUBLISHED

Description

A vulnerability was found in wanglongcn ltcms 1.0.20. It has been classified as critical. Affected is the function multiDownload of the file /api/file/multiDownload of the component API Endpoint. The manipulation of the argument file leads to server-side request forgery. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

← Browse all CVEs View on cve.org ↗