CVE-2019-11401
A issue was discovered in SiteServer CMS 6.9.0. It allows remote attackers to execute arbitrary code because an administ
A issue was discovered in SiteServer CMS 6.9.0. It allows remote attackers to execute arbitrary code because an administrator can add the permitted file extension .aassp, which is converted to .asp because the "as" substring is deleted.
HIGH · CVSS 7.2
EPSS 0.02331
Act now
- Public exploit or PoC is available
- CVSS base score ≥ 7.0
Sigma rules0
YARA rules0