← Back

Javaweb Blog Project

javaweb_blog_project

2 CVEs • 1 product

Products (1)

Click to collapse
Toggle
Javaweb Blog
javaweb_blog
2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2022-40037
1Javaweb Blog Project
1Javaweb Blog
Apr 2, 2025
Jan 26, 2023
N/A· v4
9.8 CRITICAL· v3
N/A· v2
An issue discovered in Rawchen blog-ssm v1.0 allows remote attacker to escalate privileges and execute arbitrary commands via the component /upFile.
CVE-2022-40034
1Javaweb Blog Project
1Javaweb Blog
Apr 3, 2025
Jan 23, 2023
N/A· v4
5.4 MEDIUM· v3
N/A· v2
Cross-Site Scripting (XSS) vulnerability found in Rawchen blog-ssm v1.0 allows attackers to execute arbitrary code via the 'notifyInfo' parameter.