openviglet/shio

openviglet/shio

Releases10

Frequency4 months 2 weeks

Last Release almost 5 years ago

Stars146

:sparkles: :dna: Shio CMS - Model Content, Use GraphQL and Create Site using Javascript with Native Cache and Search.

Log in to subscribe

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2025-8344 ↗	Jul 31, 2025Thursday, 31 July 2025, 02:15	6.3 MEDIUM	6.5 MEDIUM
A vulnerability classified as critical has been found in openviglet shio up to 0.3.8. Affected is the function shStaticFileUpload of the file shio-app/src/main/java/com/viglet/shio/api/staticfile/ShStaticFileAPI.java. The manipulation of the argument filename leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
CVE-2025-8343 ↗	Jul 31, 2025Thursday, 31 July 2025, 01:15	4.3 MEDIUM	4 MEDIUM
A vulnerability was found in openviglet shio up to 0.3.8. It has been rated as critical. This issue affects the function shStaticFilePreUpload of the file shio-app/src/main/java/com/viglet/shio/api/staticfile/ShStaticFileAPI.java. The manipulation of the argument fileName leads to path traversal. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.