ReportizFlow
Filtered by vendor Shenzhen Longjing Technology
Subscriptions
Filtered by product Bems Api
Subscriptions
Total
1 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-4463 | 1 Shenzhen Longjing Technology | 1 Bems Api | 2025-11-13 | N/A |
| Longjing Technology BEMS API versions up to and including 1.21 contains an unauthenticated arbitrary file download vulnerability in the 'downloads' endpoint. The 'fileName' parameter is not properly sanitized, allowing attackers to craft traversal sequences and access sensitive files outside the intended directory. | ||||
Page 1 of 1.