Linqi

linqi

6 CVEs • 1 product

Products (1)

Click to collapse

Toggle

CVEs (6)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2024-33868 1Linqi 1Linqi Apr 28, 2025 May 14, 2024 N/A· v4 9.8 CRITICAL· v3 N/A· v2 An issue was discovered in linqi before 1.4.0.1 on Windows. There is LDAP injection.
CVE-2024-33867 1Linqi 1Linqi Apr 28, 2025 May 14, 2024 N/A· v4 4.8 MEDIUM· v3 N/A· v2 An issue was discovered in linqi before 1.4.0.1 on Windows. There is a hardcoded password salt.
CVE-2024-33866 1Linqi 1Linqi Apr 28, 2025 May 14, 2024 N/A· v4 5.5 MEDIUM· v3 N/A· v2 An issue was discovered in linqi before 1.4.0.1 on Windows. There is /api/DocumentTemplate/{GUID] XSS.
CVE-2024-33865 1Linqi 1Linqi Apr 28, 2025 May 14, 2024 N/A· v4 7.5 HIGH· v3 N/A· v2 An issue was discovered in linqi before 1.4.0.1 on Windows. There is an NTLM hash leak via the /api/Cdn/GetFile and /api/DocumentTemplate/{GUID] endpoints.
CVE-2024-33864 1Linqi 1Linqi Apr 28, 2025 May 14, 2024 N/A· v4 5.9 MEDIUM· v3 N/A· v2 An issue was discovered in linqi before 1.4.0.1 on Windows. There is SSRF via Document template generation; i.e., via remote images in process creation, file inclusion, and PDF document generation via malicious JavaScrip...Show more An issue was discovered in linqi before 1.4.0.1 on Windows. There is SSRF via Document template generation; i.e., via remote images in process creation, file inclusion, and PDF document generation via malicious JavaScript.Show less
CVE-2024-33863 1Linqi 1Linqi Apr 28, 2025 May 14, 2024 N/A· v4 9.8 CRITICAL· v3 N/A· v2 An issue was discovered in linqi before 1.4.0.1 on Windows. There is /api/Cdn/GetFile local file inclusion.