Luckyframe: >> Luckyframeweb >> 3.5.2 Security Vulnerabilities
LuckyFrameWeb v3.5.2 was discovered to contain an arbitrary file deletion vulnerability via the fileName parameter in the fileDownload method.
CVSS Score
7.5
EPSS Score
0.003
Published
2024-05-23
LuckyFrameWeb v3.5.2 was discovered to contain an arbitrary read vulnerability via the fileDownload method in class com.luckyframe.project.common.CommonController.
CVSS Score
7.5
EPSS Score
0.001
Published
2024-05-06