2 results (0.001 seconds)

CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1

File Upload Vulnerability found in Rawchen Blog-ssm v1.0 allowing attackers to execute arbitrary commands and gain escalated privileges via the /uploadFileList component. Vulnerabilidad de carga de archivos encontrada en Rawchen Blog-ssm v1.0 que permite a los atacantes ejecutar comandos arbitrarios y obtener privilegios aumentados a través del componente /uploadFileList. • https://github.com/rawchen/blog-ssm/issues/3 • CWE-434: Unrestricted Upload of File with Dangerous Type •

CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1

An issue was discovered in Rawchen blog-ssm v1.0 allows an attacker to obtain sensitive user information by bypassing permission checks via the /adminGetUserList component. • https://github.com/rawchen/blog-ssm/issues/5 •