CVE-2025-4530 – Feng Ha Ha Megagao SSM-ERP/Production SSM Path Traversal Vulnerability

May 11, 2025

CVE ID : CVE-2025-4530

Published : May 11, 2025, 5:15 a.m. | 1 hour, 23 minutes ago

Description : A vulnerability was found in feng_ha_ha/megagao ssm-erp and production_ssm 1.0. It has been declared as problematic. Affected by this vulnerability is the function handleFileDownload of the file FileController.java of the component File Handler. The manipulation leads to path traversal. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. This product is distributed under two entirely different names.

Severity: 4.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-4531 – Seeyon Zhiyuan OA Web Application System Remote Code Injection Vulnerability

Next Article CVE-2025-4535 – Gosuncn Technology Group Audio-Visual Integrated Management Platform Remote Configuration File Handler Information Disclosure

The Power Of The Intl API: A Definitive Guide To Browser-Native Internationalization

This week in AI dev tools: GPT-5, Claude Opus 4.1, and more (August 8, 2025)

Elastic simplifies log analytics for SREs and developers with launch of Log Essentials

OpenAI launches GPT-5

I compared the best headphones from Apple, Sony, Bose, and Sonos: Here’s how the AirPods Max wins

I changed these 6 settings on my iPad to significantly improve its battery life

DistroWatch Weekly, Issue 1134

3 portable power stations I travel everywhere with (and how they differ)

Next.js PWA offline capability with Service Worker, no extra package

Next.js PWA offline capability with Service Worker, no extra package

spatie/laravel-flare

Establishing Consistent Data Foundations with Laravel’s Database Population System

Windows 11 Copilot gets free access to GPT-5 Thinking, reduced rate limits than ChatGPT Free

Windows 11 Copilot gets free access to GPT-5 Thinking, reduced rate limits than ChatGPT Free

Best Architecture AI Rendering Platform: 6 Tools Tested

Microsoft won’t kill off Chromium Edge and PWAs on Windows 10 until October 2028

CVE-2025-4530 – Feng Ha Ha Megagao SSM-ERP/Production SSM Path Traversal Vulnerability

Researchers Reveal ReVault Attack Targeting Dell ControlVault3 Firmware in 100+ Laptop Models

Researchers Detail Windows EPM Poisoning Exploit Chain Leading to Domain Privilege Escalation

Microsoft launches Intel-exclusive Surface Laptop 5G with reengineered design — but it’s SHOCKINGLY expensive

My Android Auto was having trouble connecting until I did this one thing

The Super Weight in Large Language Models

Generate user-personalized communication with Amazon Personalize and Amazon Bedrock

CVE-2025-5304 – PT Project Notebooks WordPress Privilege Escalation

CVE-2025-3748 – WordPress Taxonomy Chain Menu Stored Cross-Site Scripting

CVE-2025-0853 – WordPress PGS Core Plugin SQL Injection Vulnerability

CVE-2025-54010 – Shahjahan Jewel FluentSnippets CSRF Vulnerability

CVE-2025-4530 – Feng Ha Ha Megagao SSM-ERP/Production SSM Path Traversal Vulnerability

Related Posts