VYPR

LiveConfig

by LiveConfig

CVEs (3)

  • CVE-2024-22851HigFeb 2, 2024
    risk 0.49cvss 7.5epss 0.01

    Directory Traversal Vulnerability in LiveConfig before v.2.5.2 allows a remote attacker to obtain sensitive information via a crafted request to the /static/ endpoint.

  • CVE-2021-40841MedFeb 18, 2022
    risk 0.42cvss 6.5epss 0.01

    A Path Traversal vulnerability for a log file in LiveConfig 2.12.2 allows authenticated attackers to read files on the underlying server.

  • CVE-2021-40840MedFeb 18, 2022
    risk 0.35cvss 5.4epss 0.00

    A Stored XSS issue exists in the admin/users user administration form in LiveConfig 2.12.2.