CVE-2025-4530 | feng_ha_ha/megagao ssm-erp/production_ssm 1.0 File FileController.java handleFileDownload path traversal

Inserito da Angelo Barbosa | Mag 10, 2025 | CVE

A vulnerability was found in feng_ha_ha/megagao ssm-erp and production_ssm 1.0. It has been declared as problematic. Affected by this vulnerability is the function handleFileDownload of the file FileController.java of the component File Handler. The manipulation leads to path traversal.

This vulnerability is known as CVE-2025-4530. The attack can be launched remotely. Furthermore, there is an exploit available.

This product is distributed under two entirely different names.

CVE-2025-4530 | feng_ha_ha/megagao ssm-erp/production_ssm 1.0 File FileController.java handleFileDownload path traversal

Post correlati

CVE-2022-48662 | Linux Kernel up to 5.15.71/5.19.11/6.0 context_close iteration (713fa3e4591f/f799e0568d6c/d119888b09bd)

CVE-2024-3003 | code-projects Online Book System 1.0 /cart.php quantity/remove sql injection

CVE-2024-29015 | Intel VTune Profiler software 2023.0/2024.0 uncontrolled search path (intel-sa-01122)

CVE-2024-43439 | Moodle H5P Error Message cross site scripting