CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Siteserver: >> Siteserver Cms >> 6.9.0 Security Vulnerabilities

CVE-2019-11401

A issue was discovered in SiteServer CMS 6.9.0. It allows remote attackers to execute arbitrary code because an administrator can add the permitted file extension .aassp, which is converted to .asp because the "as" substring is deleted.

CVSS Score

7.2

EPSS Score

0.023

Published

2019-04-22

Page 1

Vulnerabilities

Vulnerable Software

Siteserver: >> Siteserver Cms >> 6.9.0 Security Vulnerabilities

Products

Pricing

Contact Us