VYPR

Easyadmin

by Easycorp

Source repositories

CVEs (5)

  • CVE-2024-2828MedMar 22, 2024
    risk 0.41cvss 6.3epss 0.01

    A vulnerability, which was classified as critical, was found in lakernote EasyAdmin up to 20240315. Affected is the function thumbnail of the file src/main/java/com/laker/admin/module/sys/controller/IndexController.java. The manipulation of the argument url leads to server-side…

  • CVE-2024-2827MedMar 22, 2024
    risk 0.41cvss 6.3epss 0.01

    A vulnerability, which was classified as critical, has been found in lakernote EasyAdmin up to 20240315. This issue affects some unknown processing of the file /ureport/designer/saveReportFile. The manipulation leads to server-side request forgery. The attack may be initiated…

  • CVE-2024-2826MedMar 22, 2024
    risk 0.41cvss 6.3epss 0.01

    A vulnerability classified as problematic was found in lakernote EasyAdmin up to 20240315. This vulnerability affects unknown code of the file /ureport/designer/saveReportFile. The manipulation leads to xml external entity reference. The attack can be initiated remotely. The…

  • CVE-2024-2825MedMar 22, 2024
    risk 0.41cvss 6.3epss 0.01

    A vulnerability classified as critical has been found in lakernote EasyAdmin up to 20240315. This affects an unknown part of the file /ureport/designer/saveReportFile. The manipulation of the argument file leads to path traversal: '../filedir'. It is possible to initiate the…

  • CVE-2024-3081LowMar 29, 2024
    risk 0.16cvss 3.5epss 0.01

    A vulnerability was found in EasyCorp EasyAdmin up to 4.8.9. It has been declared as problematic. Affected by this vulnerability is the function Autocomplete of the file assets/js/autocomplete.js of the component Autocomplete. The manipulation of the argument item leads to cross…