Easyadmin
by Easycorp
Source repositories
CVEs (5)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-2828 | Med | 0.41 | 6.3 | 0.01 | Mar 22, 2024 | A vulnerability, which was classified as critical, was found in lakernote EasyAdmin up to 20240315. Affected is the function thumbnail of the file src/main/java/com/laker/admin/module/sys/controller/IndexController.java. The manipulation of the argument url leads to server-side… | ||
| CVE-2024-2827 | Med | 0.41 | 6.3 | 0.01 | Mar 22, 2024 | A vulnerability, which was classified as critical, has been found in lakernote EasyAdmin up to 20240315. This issue affects some unknown processing of the file /ureport/designer/saveReportFile. The manipulation leads to server-side request forgery. The attack may be initiated… | ||
| CVE-2024-2826 | Med | 0.41 | 6.3 | 0.01 | Mar 22, 2024 | A vulnerability classified as problematic was found in lakernote EasyAdmin up to 20240315. This vulnerability affects unknown code of the file /ureport/designer/saveReportFile. The manipulation leads to xml external entity reference. The attack can be initiated remotely. The… | ||
| CVE-2024-2825 | Med | 0.41 | 6.3 | 0.01 | Mar 22, 2024 | A vulnerability classified as critical has been found in lakernote EasyAdmin up to 20240315. This affects an unknown part of the file /ureport/designer/saveReportFile. The manipulation of the argument file leads to path traversal: '../filedir'. It is possible to initiate the… | ||
| CVE-2024-3081 | Low | 0.16 | 3.5 | 0.01 | Mar 29, 2024 | A vulnerability was found in EasyCorp EasyAdmin up to 4.8.9. It has been declared as problematic. Affected by this vulnerability is the function Autocomplete of the file assets/js/autocomplete.js of the component Autocomplete. The manipulation of the argument item leads to cross… |
- risk 0.41cvss 6.3epss 0.01
A vulnerability, which was classified as critical, was found in lakernote EasyAdmin up to 20240315. Affected is the function thumbnail of the file src/main/java/com/laker/admin/module/sys/controller/IndexController.java. The manipulation of the argument url leads to server-side…
- risk 0.41cvss 6.3epss 0.01
A vulnerability, which was classified as critical, has been found in lakernote EasyAdmin up to 20240315. This issue affects some unknown processing of the file /ureport/designer/saveReportFile. The manipulation leads to server-side request forgery. The attack may be initiated…
- risk 0.41cvss 6.3epss 0.01
A vulnerability classified as problematic was found in lakernote EasyAdmin up to 20240315. This vulnerability affects unknown code of the file /ureport/designer/saveReportFile. The manipulation leads to xml external entity reference. The attack can be initiated remotely. The…
- risk 0.41cvss 6.3epss 0.01
A vulnerability classified as critical has been found in lakernote EasyAdmin up to 20240315. This affects an unknown part of the file /ureport/designer/saveReportFile. The manipulation of the argument file leads to path traversal: '../filedir'. It is possible to initiate the…
- risk 0.16cvss 3.5epss 0.01
A vulnerability was found in EasyCorp EasyAdmin up to 4.8.9. It has been declared as problematic. Affected by this vulnerability is the function Autocomplete of the file assets/js/autocomplete.js of the component Autocomplete. The manipulation of the argument item leads to cross…