Sucms
Monthly
A Server-Side Request Forgery (SSRF) in the component admin_webgather.php of SUCMS v1.0 allows attackers to access internal data and services via a crafted GET request. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
An issue in the component admin_template.php of SUCMS v1.0 allows attackers to execute a directory traversal and arbitrary file deletion via a crafted GET request. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
A vulnerability was found in Sucms 1.0 and classified as critical. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
A Server-Side Request Forgery (SSRF) in the component admin_webgather.php of SUCMS v1.0 allows attackers to access internal data and services via a crafted GET request. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
An issue in the component admin_template.php of SUCMS v1.0 allows attackers to execute a directory traversal and arbitrary file deletion via a crafted GET request. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
A vulnerability was found in Sucms 1.0 and classified as critical. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.