Skip to content
CVSS 7.3 · HIGH

CVE-2026-7519

A vulnerability has been found in Fujian Apex LiveBOS up to 2.0. Impacted is an unknown function of the file /feed/UploadImage.do of the component Endpoint. Such manipulation of the argument filename leads to path traversal. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 2.1 is recommended to address this issue. Upgrading the affected component is advised.

View on NVD

Analysis

This is a path traversal vulnerability in Fujian Apex LiveBOS, which is a niche enterprise BPM/ERP platform primarily used in specific regional markets. It has no significant deployment or relevance within the MexicoDev community's technology stack.

Severity

Score: 7.3(HIGH)
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
AV: NETWORK
AC: LOW
PR: NONE
UI: NONE
S: UNCHANGED
C: LOW
I: LOW
A: LOW
Weakness (CWE): CWE-22

EPSS

Probability of exploitation (next 30 days): 0.0004 (0.0%)
Percentile: 12.9%
EPSS: 2026-05-06

Technical description

A vulnerability has been found in Fujian Apex LiveBOS up to 2.0. Impacted is an unknown function of the file /feed/UploadImage.do of the component Endpoint. Such manipulation of the argument filename leads to path traversal. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 2.1 is recommended to address this issue. Upgrading the affected component is advised.

Published: 5/1/2026, 1:16:17 AM
Last modified: 5/1/2026, 3:26:24 PM

References

HomeEventsBlogResourcesTeam