CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Blog-Ssm Project: >> Blog-Ssm Security Vulnerabilities

CVE-2022-40036

An issue was discovered in Rawchen blog-ssm v1.0 allows an attacker to obtain sensitive user information by bypassing permission checks via the /adminGetUserList component.

CVSS Score

6.5

EPSS Score

0.001

Published

2023-01-26

CVE-2022-40035

File Upload Vulnerability found in Rawchen Blog-ssm v1.0 allowing attackers to execute arbitrary commands and gain escalated privileges via the /uploadFileList component.

CVSS Score

8.8

EPSS Score

0.003

Published

2023-01-26

Page 1

Vulnerabilities

Vulnerable Software

Blog-Ssm Project: >> Blog-Ssm Security Vulnerabilities

Products

Pricing

Contact Us