Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Luckyframe Subscribe
Total 4 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2024-33118 1 Luckyframe 1 Luckyframeweb 2025-06-10 N/A 7.5 HIGH
LuckyFrameWeb v3.5.2 was discovered to contain an arbitrary read vulnerability via the fileDownload method in class com.luckyframe.project.common.CommonController.
CVE-2023-24221 1 Luckyframe 1 Luckyframeweb 2025-03-18 N/A 9.8 CRITICAL
LuckyframeWEB v3.5 was discovered to contain a SQL injection vulnerability via the dataScope parameter at /system/DeptMapper.xml.
CVE-2023-24220 1 Luckyframe 1 Luckyframeweb 2025-03-18 N/A 9.8 CRITICAL
LuckyframeWEB v3.5 was discovered to contain a SQL injection vulnerability via the dataScope parameter at /system/RoleMapper.xml.
CVE-2023-24219 1 Luckyframe 1 Luckyframeweb 2025-03-18 N/A 9.8 CRITICAL
LuckyframeWEB v3.5 was discovered to contain a SQL injection vulnerability via the dataScope parameter at /system/UserMapper.xml.