10 matches found
CVE-2021-42655
SiteServer CMS V6.15.51 is affected by a SQL injection vulnerability.
CVE-2021-42656
SiteServer CMS V6.15.51 is affected by a Cross Site Scripting (XSS) vulnerability.
CVE-2021-42654
SiteServer CMS
CVE-2022-30349
siteserver SSCMS 6.15.51 is vulnerable to Cross Site Scripting (XSS).
CVE-2022-28118
SiteServer CMS v7.x allows attackers to execute arbitrary code via a crafted plug-in.
CVE-2023-2862
A vulnerability, which was classified as problematic, was found in SiteServer CMS up to 7.2.1. Affected is an unknown function of the file /api/stl/actions/search. The manipulation of the argument ajaxDivId leads to cross site scripting. It is possible to launch the attack remotely. The exploit has...
CVE-2022-44298
SiteServer CMS 7.1.3 is vulnerable to SQL Injection.
CVE-2022-44297
SiteServer CMS 7.1.3 has a SQL injection vulnerability the background.
CVE-2022-44299
SiteServerCMS 7.1.3 sscms has a file read vulnerability.
CVE-2025-45529
An arbitrary file read vulnerability in the ReadTextAsynchronous function of SSCMS v7.3.1 allows attackers to read arbitrary files via sending a crafted GET request to /cms/templates/templatesAssetsEditor.