Blog-ssm Project - Blog-ssm CVE - CVE Search - CVE Details

Filtered by vendor Blog-ssm Project Subscribe

Filtered by product Blog-ssm

Total 2 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2022-40035	1 Blog-ssm Project	1 Blog-ssm	2023-02-01	N/A	8.8 HIGH
File Upload Vulnerability found in Rawchen Blog-ssm v1.0 allowing attackers to execute arbitrary commands and gain escalated privileges via the /uploadFileList component.
CVE-2022-40036	1 Blog-ssm Project	1 Blog-ssm	2023-02-01	N/A	6.5 MEDIUM
An issue was discovered in Rawchen blog-ssm v1.0 allows an attacker to obtain sensitive user information by bypassing permission checks via the /adminGetUserList component.

Vulnerabilities (CVE)