5 matches found
CVE-2025-52237
An issue in the component /stl/actions/download?filePath of SSCMS v7.3.1 allows attackers to execute a directory traversal...
CVE-2025-52237
An issue in the component /stl/actions/download?filePath of SSCMS v7.3.1 allows attackers to execute a directory traversal...
CVE-2025-52237
CVE-2025-52237 affects SSCMS v7.3.1. The vulnerability is a directory traversal in the /stl/actions/download?filePath component, enabling an attacker to access restricted files. No exploitation details are provided in the documents. The PT Security advisory recommends applying updates to address ...
CVE-2025-45529
An arbitrary file read vulnerability in the ReadTextAsynchronous function of SSCMS v7.3.1 allows attackers to read arbitrary files via sending a crafted GET request to /cms/templates/templatesAssetsEditor...
BestWeather 安全漏洞
BestWeather is a weather advisor application from BestWeather open source. A security vulnerability exists in BestWeather version v.7.3.1, which stems from allowing an unauthorized application to cause a privilege escalation attack by manipulating the database...