Vulnerabilities > CVE-2022-36226 - Missing Authorization vulnerability in Siteservercms Project Siteservercms

047910
CVSS 7.2 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
HIGH
Confidentiality impact
HIGH
Integrity impact
HIGH
Availability impact
HIGH
network
low complexity
siteservercms-project
CWE-862
NVD
Published: 2022-08-26
Updated: 2023-08-08

Summary

SiteServerCMS 5.X has a Remote-download-Getshell-vulnerability via /SiteServer/Ajax/ajaxOtherService.aspx.

Vulnerable Configurations

Part Description Count
Application
Siteservercms_Project
1

Common Weakness Enumeration (CWE)

References