exploitDog

GHSA-89j4-2255-gq9x

Опубликовано: 27 мая 2025

Источник: github

Github: Не прошло ревью

CVSS3: 7.1

Описание

An arbitrary file read vulnerability in the ReadTextAsynchronous function of SSCMS v7.3.1 allows attackers to read arbitrary files via sending a crafted GET request to /cms/templates/templatesAssetsEditor.

An arbitrary file read vulnerability in the ReadTextAsynchronous function of SSCMS v7.3.1 allows attackers to read arbitrary files via sending a crafted GET request to /cms/templates/templatesAssetsEditor.

Ссылки

EPSS

Процентиль: 16%

0.00052

Низкий

7.1 High

CVSS3

CVE ID

Дефекты

CWE-552

Связанные уязвимости

CVE-2025-45529

CVSS3: 7.1

nvd

9 месяцев назад

An arbitrary file read vulnerability in the ReadTextAsynchronous function of SSCMS v7.3.1 allows attackers to read arbitrary files via sending a crafted GET request to /cms/templates/templatesAssetsEditor.

EPSS

Процентиль: 16%

0.00052

Низкий

7.1 High

CVSS3

CVE ID

Дефекты

CWE-552