Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
SSCMS layerImage Endpoint LayerImageController.Submit.cs path traversal
Vulnerability Description
A vulnerability has been found in SSCMS 4.7.0. The affected element is an unknown function of the file LayerImageController.Submit.cs of the component layerImage Endpoint. Such manipulation of the argument filePaths leads to path traversal. The attack may be performed from remote. The exploit has been disclosed to the public and may be used.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
Vulnerability Type
对路径名的限制不恰当(路径遍历)
Vulnerability Title
SSCMS 路径遍历漏洞
Vulnerability Description
SSCMS(SiteServerCMS)是中国百容千域(SSCMS)公司的一个内容管理系统。 SSCMS 4.7.0版本存在路径遍历漏洞,该漏洞源于对layerImage端点组件中文件LayerImageController.Submit.cs的参数filePaths的错误操作,可能导致路径遍历。
CVSS Information
N/A
Vulnerability Type
N/A