admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-07-29 05:56:59 +00:00
Code Issues Packages Projects Releases Wiki Activity
cvelist/2025/4xxx/CVE-2025-4530.json

150 lines
5.6 KiB
JSON
Raw Normal View History

"-Synchronized-Data."
2025-05-10 06:00:35 +00:00
{
"-Synchronized-Data."
2025-05-11 05:00:37 +00:00
"data_version": "4.0",
"-Synchronized-Data."
2025-05-10 06:00:35 +00:00
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2025-4530",
"-Synchronized-Data."
2025-05-11 05:00:37 +00:00
"ASSIGNER": "cna@vuldb.com",
"STATE": "PUBLIC"
"-Synchronized-Data."
2025-05-10 06:00:35 +00:00
},
"description": {
"description_data": [
{
"lang": "eng",
"-Synchronized-Data."
2025-05-11 05:00:37 +00:00
"value": "A vulnerability was found in feng_ha_ha/megagao ssm-erp and production_ssm 1.0. It has been declared as problematic. Affected by this vulnerability is the function handleFileDownload of the file FileController.java of the component File Handler. The manipulation leads to path traversal. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. This product is distributed under two entirely different names."
},
{
"lang": "deu",
"value": "In feng_ha_ha/megagao ssm-erp and production_ssm 1.0 wurde eine problematische Schwachstelle ausgemacht. Es geht um die Funktion handleFileDownload der Datei FileController.java der Komponente File Handler. Dank der Manipulation mit unbekannten Daten kann eine path traversal-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Path Traversal",
"cweId": "CWE-22"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "feng_ha_ha",
"product": {
"product_data": [
{
"product_name": "ssm-erp",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "1.0"
}
]
}
},
{
"product_name": "production_ssm",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "1.0"
}
]
}
}
]
}
},
{
"vendor_name": "megagao",
"product": {
"product_data": [
{
"product_name": "ssm-erp",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "1.0"
}
]
}
},
{
"product_name": "production_ssm",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "1.0"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://vuldb.com/?id.308275",
"refsource": "MISC",
"name": "https://vuldb.com/?id.308275"
},
{
"url": "https://vuldb.com/?ctiid.308275",
"refsource": "MISC",
"name": "https://vuldb.com/?ctiid.308275"
},
{
"url": "https://vuldb.com/?submit.565380",
"refsource": "MISC",
"name": "https://vuldb.com/?submit.565380"
},
{
"url": "https://github.com/Hao-Ni/CVE/issues/2",
"refsource": "MISC",
"name": "https://github.com/Hao-Ni/CVE/issues/2"
}
]
},
"credits": [
{
"lang": "en",
"value": "fatd0g (VulDB User)"
}
],
"impact": {
"cvss": [
{
"version": "3.1",
"baseScore": 4.3,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"baseSeverity": "MEDIUM"
},
{
"version": "3.0",
"baseScore": 4.3,
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"baseSeverity": "MEDIUM"
},
{
"version": "2.0",
"baseScore": 4,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N"
"-Synchronized-Data."
2025-05-10 06:00:35 +00:00
}
]
}
}
Reference in New Issue Copy Permalink