CVE-2025-4530 – Feng Ha Ha Megagao SSM-ERP/Production SSM Path Traversal Vulnerability

May 11, 2025

CVE ID : CVE-2025-4530

Published : May 11, 2025, 5:15 a.m. | 1 hour, 23 minutes ago

Description : A vulnerability was found in feng_ha_ha/megagao ssm-erp and production_ssm 1.0. It has been declared as problematic. Affected by this vulnerability is the function handleFileDownload of the file FileController.java of the component File Handler. The manipulation leads to path traversal. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. This product is distributed under two entirely different names.

Severity: 4.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-4531 – Seeyon Zhiyuan OA Web Application System Remote Code Injection Vulnerability

Next Article CVE-2025-4535 – Gosuncn Technology Group Audio-Visual Integrated Management Platform Remote Configuration File Handler Information Disclosure

Coded Smorgasbord: High Strung

Chainguard launches trusted collection of verified JavaScript libraries

CData launches Connect AI to provide agents access to enterprise data sources

PostgreSQL 18 adds asynchronous I/O to improve performance

Distribution Release: Neptune 9.0

Distribution Release: Kali Linux 2025.3

Distribution Release: SysLinuxOS 13

Development Release: MX Linux 25 Beta 1

PHP 8.5.0 RC 1 available for testing

PHP 8.5.0 RC 1 available for testing

Terraform Code Generator Using Ollama and CodeGemma

Beyond Denial: How AI Concierge Services Can Transform Healthcare from Reactive to Proactive

Distribution Release: Neptune 9.0

Distribution Release: Neptune 9.0

FOSS Weekly #25.39: Kill Switch Phones, LMDE 7, Zorin OS 18 Beta, Polybar, Apt History and More Linux Stuff

Distribution Release: Kali Linux 2025.3

CVE-2025-4530 – Feng Ha Ha Megagao SSM-ERP/Production SSM Path Traversal Vulnerability

Cursor AI Code Editor Flaw Enables Silent Code Execution via Malicious Repositories

Introducing HybridPetya: Petya/NotPetya copycat with UEFI Secure Boot bypass

DLC for one of the best Xbox Soulslikes has now become easier to access… with a catch

Windows 11 24H2 April 2025 Update fixes File Explorer menu opening in opposite direction

Hunting Fileless Malware

lstr – fast, minimalist directory tree viewer

Rilasciato Fastfetch 2.41: Tutte le novità del tool per mostrare le informazioni dei sistemi GNU/Linux

CVE-2025-48175 – Libavif Integer Overflow Vulnerability

Have your Microsoft Rewards points streaks been killed off on Xbox? You’re not alone — but don’t worry.

CVE-2025-4855 – WordPress Support Board Plugin Unauthenticated Data Access and Modification

CVE-2025-4530 – Feng Ha Ha Megagao SSM-ERP/Production SSM Path Traversal Vulnerability

Related Posts