CVE-2024-2565
- EPSS 0.07%
- Veröffentlicht 17.03.2024 15:15:07
- Zuletzt bearbeitet 05.03.2025 14:53:25
A vulnerability was found in PandaXGO PandaX up to 20240310. It has been classified as critical. Affected is an unknown function of the file /apps/system/router/upload.go of the component File Extension Handler. The manipulation of the argument file ...
CVE-2024-2564
- EPSS 0.07%
- Veröffentlicht 17.03.2024 14:15:06
- Zuletzt bearbeitet 18.02.2025 13:55:09
A vulnerability was found in PandaXGO PandaX up to 20240310 and classified as critical. This issue affects the function ExportUser of the file /apps/system/api/user.go. The manipulation of the argument filename leads to path traversal: '../filedir'. ...
CVE-2024-2562
- EPSS 0.05%
- Veröffentlicht 17.03.2024 12:15:07
- Zuletzt bearbeitet 05.03.2025 14:53:25
A vulnerability, which was classified as critical, was found in PandaXGO PandaX up to 20240310. This affects the function InsertRole of the file /apps/system/services/role_menu.go. The manipulation of the argument roleKey leads to sql injection. It i...
CVE-2024-2563
- EPSS 0.08%
- Veröffentlicht 17.03.2024 12:15:07
- Zuletzt bearbeitet 05.03.2025 14:53:25
A vulnerability has been found in PandaXGO PandaX up to 20240310 and classified as critical. This vulnerability affects the function DeleteImage of the file /apps/system/router/upload.go. The manipulation of the argument fileName with the input ../.....