CVE-2024-11123 – Lingdang CRM Remote File Traversal Vulnerability

11月 12, 2024
2:17 pm

CVE ID : CVE-2024-11123

Published : Nov. 12, 2024, 1:15 p.m. | 1 hour, 2 minutes ago

Description : A vulnerability, which was classified as problematic, was found in ???????????? Lingdang CRM up to 8.6.4.3. This affects an unknown part of the file /crm/data/pdf.php. The manipulation of the argument url with the input ../config.inc.php leads to path traversal. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Severity: 4.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE-2024-11123 – Lingdang CRM Remote File Traversal Vulnerability

Elvescore.io

Recent Posts

CVE-2024-12947 – Codezips Hospital Management System SQL Injection Vulnerability

CVE-2024-12948 – Travel Management System Travel SQL Injection

CVE-2024-47151 – Honor File Writing Code Execution Vulnerability

CVE-2024-47156 – Honor Information Leak Vulnerability

CVE-2024-12945 – Simple Car Rental System SQL Injection

CVE-2024-12946 – “1000 Projects Attendance Tracking Management System SQL Injection Vulnerability”

CVE-2024-11123 – Lingdang CRM Remote File Traversal Vulnerability

CVE-2024-11123 – Lingdang CRM Remote File Traversal Vulnerability