SiteServer CMS Arbitrary Code Execution Vulnerability
SiteServer CMS is an open source, free, enterprise-class CMS content management system. An arbitrary code execution vulnerability exists in SiteServer CMS 6.9.0. The vulnerability stems from the fact that administrators can add a permitted file extension .aassp, which is converted to .asp due to...