Lucene search

Sscms Security Vulnerabilities

cve

CVE-2021-42654

SiteServer CMS < V5.1 is affected by an unrestricted upload of a file with dangerous type (getshell), which could be used to execute arbitrary code.

9.8CVSS

9.5AI Score

0.003EPSS

2022-05-24 01:15 PM

cve

CVE-2021-42655

SiteServer CMS V6.15.51 is affected by a SQL injection vulnerability.

8.8CVSS

9AI Score

0.001EPSS

2022-05-24 01:15 PM

cve

CVE-2021-42656

SiteServer CMS V6.15.51 is affected by a Cross Site Scripting (XSS) vulnerability.

5.4CVSS

5.2AI Score

0.001EPSS

2022-05-24 01:15 PM

cve

CVE-2022-28118

SiteServer CMS v7.x allows attackers to execute arbitrary code via a crafted plug-in.

9.8CVSS

9.6AI Score

0.004EPSS

2022-05-03 01:15 AM

cve

CVE-2022-30349

siteserver SSCMS 6.15.51 is vulnerable to Cross Site Scripting (XSS).

6.1CVSS

6AI Score

0.001EPSS

2022-06-02 02:15 PM

cve

CVE-2022-44297

SiteServer CMS 7.1.3 has a SQL injection vulnerability the background.

9.8CVSS

9.7AI Score

0.001EPSS

2023-01-26 09:17 PM

cve

CVE-2022-44298

SiteServer CMS 7.1.3 is vulnerable to SQL Injection.

9.8CVSS

9.5AI Score

0.001EPSS

2023-01-27 02:15 PM

cve

CVE-2022-44299

SiteServerCMS 7.1.3 sscms has a file read vulnerability.

4.9CVSS

5AI Score

0.001EPSS

2023-02-16 10:15 PM

cve

CVE-2023-2862

A vulnerability, which was classified as problematic, was found in SiteServer CMS up to 7.2.1. Affected is an unknown function of the file /api/stl/actions/search. The manipulation of the argument ajaxDivId leads to cross site scripting. It is possible to launch the attack remotely. The exploit has...

6.1CVSS

5.9AI Score

0.001EPSS

2023-05-24 10:15 AM