Vulnerabilities (CVE)

Filtered by vendor Landray Subscribe
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-34924 1 Landray 1 Landray Office Automation 2024-02-04 N/A 7.5 HIGH
Lanling OA Landray Office Automation (OA) internal patch number #133383/#137780 contains an arbitrary file read vulnerability via the component /sys/ui/extend/varkind/custom.jsp.
CVE-2021-3159 1 Landray 1 Landray Ekp 2024-02-04 3.5 LOW 5.4 MEDIUM
A stored cross site scripting (XSS) vulnerability in the /sys/attachment/uploaderServlet component of Landray EKP V12.0.9.R.20160325 allows attackers to execute arbitrary web scripts or HTML via a crafted SVG, SHTML, or MHT file.