Vulnerabilities (CVE)

Filtered by vendor Blog-ssm Project Subscribe
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-40036 1 Blog-ssm Project 1 Blog-ssm 2024-11-21 N/A 6.5 MEDIUM
An issue was discovered in Rawchen blog-ssm v1.0 allows an attacker to obtain sensitive user information by bypassing permission checks via the /adminGetUserList component.
CVE-2022-40035 1 Blog-ssm Project 1 Blog-ssm 2024-11-21 N/A 8.8 HIGH
File Upload Vulnerability found in Rawchen Blog-ssm v1.0 allowing attackers to execute arbitrary commands and gain escalated privileges via the /uploadFileList component.