{"id":"CVE-2024-35081","details":"LuckyFrameWeb v3.5.2 was discovered to contain an arbitrary file deletion vulnerability via the fileName parameter in the fileDownload method.","modified":"2026-07-08T07:08:21.638352173Z","published":"2024-05-23T17:02:08.098Z","database_specific":{"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/35xxx/CVE-2024-35081.json","cna_assigner":"mitre"},"references":[{"type":"WEB","url":"http://www.luckyframe.cn/"},{"type":"WEB","url":"https://github.com/cxcxcxcxcxcxcxc/cxcxcxcxcxcxcxc/blob/main/cxcxcxcxcxc/about-2024/35081.txt"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/35xxx/CVE-2024-35081.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-35081"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/seagull1985/luckyframeweb","events":[{"introduced":"9399095cd112f0b0f82c83143faf780e2591e76d"},{"last_affected":"9399095cd112f0b0f82c83143faf780e2591e76d"}],"database_specific":{"cpe":"cpe:2.3:a:luckyframe:luckyframeweb:3.5.2:*:*:*:*:luckyframe:*:*","source":"CPE_STRING","extracted_events":[{"introduced":"3.5.2"},{"last_affected":"3.5.2"}]}}],"versions":["3.5.2","V3.5.2"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-35081.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"}]}