Filtered by vendor Blog-ssm Project Subscriptions
Total 2 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2022-40036 1 Blog-ssm Project 1 Blog-ssm 2024-11-21 6.5 Medium
An issue was discovered in Rawchen blog-ssm v1.0 allows an attacker to obtain sensitive user information by bypassing permission checks via the /adminGetUserList component.
CVE-2022-40035 1 Blog-ssm Project 1 Blog-ssm 2024-11-21 8.8 High
File Upload Vulnerability found in Rawchen Blog-ssm v1.0 allowing attackers to execute arbitrary commands and gain escalated privileges via the /uploadFileList component.