Filtered by vendor Landray
Subscribe
Total
2 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2022-34924 | 1 Landray | 1 Landray Office Automation | 2024-02-04 | N/A | 7.5 HIGH |
Lanling OA Landray Office Automation (OA) internal patch number #133383/#137780 contains an arbitrary file read vulnerability via the component /sys/ui/extend/varkind/custom.jsp. | |||||
CVE-2021-3159 | 1 Landray | 1 Landray Ekp | 2024-02-04 | 3.5 LOW | 5.4 MEDIUM |
A stored cross site scripting (XSS) vulnerability in the /sys/attachment/uploaderServlet component of Landray EKP V12.0.9.R.20160325 allows attackers to execute arbitrary web scripts or HTML via a crafted SVG, SHTML, or MHT file. |