Lucene search
K

65 matches found

NVD
NVD
added 2025/08/05 9:15 p.m.8 views

CVE-2025-52237

An issue in the component /stl/actions/download?filePath of SSCMS v7.3.1 allows attackers to execute a directory traversal...

6.5CVSS0.00472EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/08/05 12:0 a.m.12 views

CVE-2025-52237

An issue in the component /stl/actions/download?filePath of SSCMS v7.3.1 allows attackers to execute a directory traversal...

0.00472EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/08/05 12:0 a.m.4 views

CVE-2025-52237

An issue in the component /stl/actions/download?filePath of SSCMS v7.3.1 allows attackers to execute a directory traversal...

6.7AI score0.00472EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/08/05 12:0 a.m.8 views

PT-2025-31996 · Sscms · Sscms

Name of the Vulnerable Software and Affected Versions: SSCMS version 7.3.1 Description: An issue in the /stl/actions/download?filePath component of SSCMS allows attackers to execute a directory traversal. Recommendations: Apply any available updates to address the directory traversal issue in the...

6.5CVSS6.7AI score0.00472EPSS
Exploits0References7
CVE
CVE
added 2025/08/05 12:0 a.m.43 views

CVE-2025-52237

CVE-2025-52237 affects SSCMS v7.3.1. The vulnerability is a directory traversal in the /stl/actions/download?filePath component, enabling an attacker to access restricted files. No exploitation details are provided in the documents. The PT Security advisory recommends applying updates to address ...

6.5CVSS7.2AI score0.00472EPSS
Exploits0References1Affected Software1
RedhatCVE
RedhatCVE
added 2025/05/29 5:11 a.m.4 views

CVE-2025-45529

An arbitrary file read vulnerability in the ReadTextAsynchronous function of SSCMS v7.3.1 allows attackers to read arbitrary files via sending a crafted GET request to /cms/templates/templatesAssetsEditor...

7.1CVSS6.8AI score0.00305EPSS
Exploits1References1
NVD
NVD
added 2025/05/27 7:15 p.m.15 views

CVE-2025-45529

An arbitrary file read vulnerability in the ReadTextAsynchronous function of SSCMS v7.3.1 allows attackers to read arbitrary files via sending a crafted GET request to /cms/templates/templatesAssetsEditor...

7.1CVSS0.00305EPSS
Exploits1References2
OSV
OSV
added 2025/05/27 7:15 p.m.5 views

CVE-2025-45529

An arbitrary file read vulnerability in the ReadTextAsynchronous function of SSCMS v7.3.1 allows attackers to read arbitrary files via sending a crafted GET request to /cms/templates/templatesAssetsEditor...

7.1CVSS5.9AI score0.00305EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2025/05/27 12:0 a.m.4 views

PT-2025-23022 · Sscms · Sscms

Name of the Vulnerable Software and Affected Versions: SSCMS version 7.3.1 Description: The issue allows attackers to read arbitrary files by sending a crafted GET request to the "/cms/templates/templatesAssetsEditor" API endpoint, exploiting a flaw in the ReadTextAsynchronous function...

7.1CVSS6.5AI score0.00305EPSS
Exploits1References6
CNNVD
CNNVD
added 2025/05/27 12:0 a.m.4 views

SSCMS 安全漏洞

SSCMS SiteServerCMS is a content management system from China's Bailong Qianwei SSCMS company. A security vulnerability exists in SSCMS version v7.3.1, which originates from the ReadTextAsynchronous function that allows reading arbitrary files...

7.1CVSS6.8AI score0.00305EPSS
Exploits1References2
CVE
CVE
added 2025/05/27 12:0 a.m.51 views

CVE-2025-45529

CVE-2025-45529 affects SSCMS v7.3.1. The vulnerability resides in the ReadTextAsynchronous function, allowing an attacker to read arbitrary files by crafting a GET request to the endpoint /cms/templates/templatesAssetsEditor. Multiple connected sources confirm the same issue and root cause. A pra...

7.1CVSS6.8AI score0.00305EPSS
Exploits1References2Affected Software1
Vulnrichment
Vulnrichment
added 2025/05/27 12:0 a.m.5 views

CVE-2025-45529

An arbitrary file read vulnerability in the ReadTextAsynchronous function of SSCMS v7.3.1 allows attackers to read arbitrary files via sending a crafted GET request to /cms/templates/templatesAssetsEditor...

6.8AI score0.00305EPSS
Exploits1References2
Cvelist
Cvelist
added 2025/05/27 12:0 a.m.8 views

CVE-2025-45529

An arbitrary file read vulnerability in the ReadTextAsynchronous function of SSCMS v7.3.1 allows attackers to read arbitrary files via sending a crafted GET request to /cms/templates/templatesAssetsEditor...

0.00305EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2025/05/23 4:25 a.m.11 views

CVE-2023-43953

SSCMS 7.2.2 was discovered to contain a cross-site scripting XSS vulnerability via the Content Management component...

5.4CVSS6.2AI score0.00346EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 10:49 p.m.7 views

CVE-2022-30349

siteserver SSCMS 6.15.51 is vulnerable to Cross Site Scripting XSS...

6.1CVSS6.4AI score0.00642EPSS
Exploits1References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2024/06/25 1:23 p.m.2 views

Malicious code in ЅSСMS (NuGet)

--- -= Per source details. Do not edit below this line.=-...

7AI score
Exploits0
OSV
OSV
added 2024/06/25 1:23 p.m.3 views

MAL-2024-4717 Malicious code in ЅSСMS (NuGet)

--- -= Per source details. Do not edit below this line.=-...

7.1AI score
Exploits0
ATTACKERKB
ATTACKERKB
added 2023/10/03 9:15 p.m.2 views

CVE-2023-43953

SSCMS 7.2.2 was discovered to contain a cross-site scripting XSS vulnerability via the Content Management component...

5.4CVSS5.8AI score0.00346EPSS
Exploits0References2
NVD
NVD
added 2023/10/03 9:15 p.m.42 views

CVE-2023-43951

SSCMS 7.2.2 was discovered to contain a cross-site scripting XSS vulnerability via the Column Management component...

5.4CVSS5.4AI score0.00348EPSS
Exploits0References1
Prion
Prion
added 2023/10/03 9:15 p.m.24 views

Cross site scripting

SSCMS 7.2.2 was discovered to contain a cross-site scripting XSS vulnerability via the Column Management component...

4.9CVSS5.4AI score0.00348EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder