65 matches found
CVE-2025-52237
An issue in the component /stl/actions/download?filePath of SSCMS v7.3.1 allows attackers to execute a directory traversal...
CVE-2025-52237
An issue in the component /stl/actions/download?filePath of SSCMS v7.3.1 allows attackers to execute a directory traversal...
CVE-2025-52237
An issue in the component /stl/actions/download?filePath of SSCMS v7.3.1 allows attackers to execute a directory traversal...
PT-2025-31996 · Sscms · Sscms
Name of the Vulnerable Software and Affected Versions: SSCMS version 7.3.1 Description: An issue in the /stl/actions/download?filePath component of SSCMS allows attackers to execute a directory traversal. Recommendations: Apply any available updates to address the directory traversal issue in the...
CVE-2025-52237
CVE-2025-52237 affects SSCMS v7.3.1. The vulnerability is a directory traversal in the /stl/actions/download?filePath component, enabling an attacker to access restricted files. No exploitation details are provided in the documents. The PT Security advisory recommends applying updates to address ...
CVE-2025-45529
An arbitrary file read vulnerability in the ReadTextAsynchronous function of SSCMS v7.3.1 allows attackers to read arbitrary files via sending a crafted GET request to /cms/templates/templatesAssetsEditor...
CVE-2025-45529
An arbitrary file read vulnerability in the ReadTextAsynchronous function of SSCMS v7.3.1 allows attackers to read arbitrary files via sending a crafted GET request to /cms/templates/templatesAssetsEditor...
CVE-2025-45529
An arbitrary file read vulnerability in the ReadTextAsynchronous function of SSCMS v7.3.1 allows attackers to read arbitrary files via sending a crafted GET request to /cms/templates/templatesAssetsEditor...
PT-2025-23022 · Sscms · Sscms
Name of the Vulnerable Software and Affected Versions: SSCMS version 7.3.1 Description: The issue allows attackers to read arbitrary files by sending a crafted GET request to the "/cms/templates/templatesAssetsEditor" API endpoint, exploiting a flaw in the ReadTextAsynchronous function...
SSCMS 安全漏洞
SSCMS SiteServerCMS is a content management system from China's Bailong Qianwei SSCMS company. A security vulnerability exists in SSCMS version v7.3.1, which originates from the ReadTextAsynchronous function that allows reading arbitrary files...
CVE-2025-45529
CVE-2025-45529 affects SSCMS v7.3.1. The vulnerability resides in the ReadTextAsynchronous function, allowing an attacker to read arbitrary files by crafting a GET request to the endpoint /cms/templates/templatesAssetsEditor. Multiple connected sources confirm the same issue and root cause. A pra...
CVE-2025-45529
An arbitrary file read vulnerability in the ReadTextAsynchronous function of SSCMS v7.3.1 allows attackers to read arbitrary files via sending a crafted GET request to /cms/templates/templatesAssetsEditor...
CVE-2025-45529
An arbitrary file read vulnerability in the ReadTextAsynchronous function of SSCMS v7.3.1 allows attackers to read arbitrary files via sending a crafted GET request to /cms/templates/templatesAssetsEditor...
CVE-2023-43953
SSCMS 7.2.2 was discovered to contain a cross-site scripting XSS vulnerability via the Content Management component...
CVE-2022-30349
siteserver SSCMS 6.15.51 is vulnerable to Cross Site Scripting XSS...
Malicious code in ЅSСMS (NuGet)
--- -= Per source details. Do not edit below this line.=-...
MAL-2024-4717 Malicious code in ЅSСMS (NuGet)
--- -= Per source details. Do not edit below this line.=-...
CVE-2023-43953
SSCMS 7.2.2 was discovered to contain a cross-site scripting XSS vulnerability via the Content Management component...
CVE-2023-43951
SSCMS 7.2.2 was discovered to contain a cross-site scripting XSS vulnerability via the Column Management component...
Cross site scripting
SSCMS 7.2.2 was discovered to contain a cross-site scripting XSS vulnerability via the Column Management component...