Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

65 matches found

RedhatCVE
RedhatCVEadded 2026/05/04 8:21 p.m.2 views

CVE-2026-7435

SSCMS v7.4.0 contains a SQL injection vulnerability in the stl:sqlContent tag where the queryString attribute is passed directly to database execution without parameterization or sanitization. Attackers can craft encrypted payloads submitted to the /api/stl/actions/dynamic endpoint to execute...

8.6CVSS6.2AI score0.00164EPSS
Exploits0References1
ATTACKERKB
ATTACKERKBadded 2026/04/30 8:9 p.m.0 views

CVE-2026-7435

SSCMS v7.4.0 contains a SQL injection vulnerability in the stl:sqlContent tag where the queryString attribute is passed directly to database execution without parameterization or sanitization. Attackers can craft encrypted payloads submitted to the /api/stl/actions/dynamic endpoint to execute...

8.6CVSS6.4AI score0.00164EPSS
Exploits0References4Affected Software1
Cvelist
Cvelistadded 2026/04/30 7:45 p.m.26 views

CVE-2026-7429 SSCMS v7.4.0 Reflected Cross-Site Scripting via STL Processing

SSCMS v7.4.0 contains a reflected cross-site scripting vulnerability in the STL processing endpoint that allows attackers to execute arbitrary JavaScript by crafting malicious STL template payloads that are decrypted and returned without proper sanitization. Attackers can exploit improper output...

4.6CVSS0.00033EPSS
Exploits0References3
CNNVD
CNNVDadded 2026/04/30 12:0 a.m.6 views

SSCMS SQL注入漏洞

SSCMS SiteServerCMS is a content management system developed by SSCMS Corporation in China. Version 7.4.0 of SSCMS contains an SQL injection vulnerability. This vulnerability arises from the unparametrized or uncleaned direct transmission of the queryString attribute within the stl:sqlContent tag...

8.6CVSS6.1AI score0.00164EPSS
Exploits0References1
CNNVD
CNNVDadded 2026/04/30 12:0 a.m.7 views

SSCMS 跨站脚本漏洞

SSCMS SiteServerCMS is a content management system developed by SSCMS Corporation in China. Version 7.4.0 of SSCMS contains a cross-site scripting vulnerability. This vulnerability stems from STL processing of endpoint scenarios involving reflective cross-site scripts. It may allow attackers to...

4.6CVSS5.6AI score0.00033EPSS
Exploits0References2
RedhatCVE
RedhatCVEadded 2026/03/26 3:15 p.m.1 views

CVE-2026-4542

A vulnerability has been found in SSCMS 4.7.0. The affected element is an unknown function of the file LayerImageController.Submit.cs of the component layerImage Endpoint. Such manipulation of the argument filePaths leads to path traversal. The attack may be performed from remote. The exploit has...

5.5CVSS5.6AI score0.00081EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2026/03/26 3:15 p.m.1 views

CVE-2026-4222

A vulnerability was determined in SSCMS up to 7.4.0. This vulnerability affects the function PathUtils.RemoveParentPath of the file /api/admin/plugins/install/actions/download. This manipulation of the argument path causes path traversal. Remote exploitation of the attack is possible. The exploit...

5.1CVSS5.5AI score0.00121EPSS
Exploits0References1
NVD
NVDadded 2026/03/22 9:16 a.m.1 views

CVE-2026-4542

A vulnerability has been found in SSCMS 4.7.0. The affected element is an unknown function of the file LayerImageController.Submit.cs of the component layerImage Endpoint. Such manipulation of the argument filePaths leads to path traversal. The attack may be performed from remote. The exploit has...

5.5CVSS0.00081EPSS
Exploits0References4
Cvelist
Cvelistadded 2026/03/22 8:35 a.m.31 views

CVE-2026-4542 SSCMS layerImage Endpoint LayerImageController.Submit.cs path traversal

A vulnerability has been found in SSCMS 4.7.0. The affected element is an unknown function of the file LayerImageController.Submit.cs of the component layerImage Endpoint. Such manipulation of the argument filePaths leads to path traversal. The attack may be performed from remote. The exploit has...

5.5CVSS0.00081EPSS
Exploits0References4
ATTACKERKB
ATTACKERKBadded 2026/03/16 10:32 a.m.3 views

CVE-2026-4234

A security flaw has been discovered in SSCMS 7.4.0. This vulnerability affects unknown code of the file SitesAddController.Submit.cs of the component DDL Handler. The manipulation of the argument tableHandWrite results in sql injection. The attack can be executed remotely. The exploit has been...

6.5CVSS5.7AI score0.00039EPSS
Exploits0References4
Vulnrichment
Vulnrichmentadded 2026/03/16 6:32 a.m.0 views

CVE-2026-4222 SSCMS download PathUtils.RemoveParentPath path traversal

A vulnerability was determined in SSCMS up to 7.4.0. This vulnerability affects the function PathUtils.RemoveParentPath of the file /api/admin/plugins/install/actions/download. This manipulation of the argument path causes path traversal. Remote exploitation of the attack is possible. The exploit...

5.1CVSS5.4AI score0.00121EPSS
Exploits0References4
Cvelist
Cvelistadded 2026/03/16 6:32 a.m.26 views

CVE-2026-4222 SSCMS download PathUtils.RemoveParentPath path traversal

A vulnerability was determined in SSCMS up to 7.4.0. This vulnerability affects the function PathUtils.RemoveParentPath of the file /api/admin/plugins/install/actions/download. This manipulation of the argument path causes path traversal. Remote exploitation of the attack is possible. The exploit...

5.1CVSS0.00121EPSS
Exploits0References4
RedhatCVE
RedhatCVEadded 2026/01/09 12:40 p.m.9 views

CVE-2023-43951

SSCMS 7.2.2 was discovered to contain a cross-site scripting XSS vulnerability via the Column Management component...

5.4CVSS6.2AI score0.00055EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2026/01/09 12:40 p.m.4 views

CVE-2023-43952

SSCMS 7.2.2 was discovered to contain a stored cross-site scripting XSS vulnerability via the Material Management component...

5.4CVSS6AI score0.0004EPSS
Exploits0References1
EUVD
EUVDadded 2025/10/03 8:7 p.m.1 views

EUVD-2022-5924

Malicious code in bioql PyPI...

6.1CVSS6.3AI score0.00223EPSS
Exploits1References3
EUVD
EUVDadded 2025/10/03 8:7 p.m.3 views

EUVD-2025-23655

Malicious code in bioql PyPI...

6.5CVSS6.6AI score0.0034EPSS
Exploits0References2
EUVD
EUVDadded 2025/10/03 8:7 p.m.1 views

EUVD-2023-48312

Malicious code in bioql PyPI...

5.4CVSS5.8AI score0.0004EPSS
Exploits0References1
EUVD
EUVDadded 2025/10/03 8:7 p.m.2 views

EUVD-2023-48311

Malicious code in bioql PyPI...

5.4CVSS5.7AI score0.00055EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2025/08/07 12:31 a.m.5 views

CVE-2025-52237

An issue in the component /stl/actions/download?filePath of SSCMS v7.3.1 allows attackers to execute a directory traversal...

6.5CVSS6.6AI score0.0034EPSS
Exploits0References1
OSV
OSVadded 2025/08/05 9:15 p.m.0 views

CVE-2025-52237

An issue in the component /stl/actions/download?filePath of SSCMS v7.3.1 allows attackers to execute a directory traversal...

6.5CVSS5.8AI score
Exploits0References2
Rows per page
Query Builder