CVE-2022-28118

CRITICAL

SiteServer CMS 7.0.0-7.1.2 - Remote Code Execution via Crafted Plugin

Exploitation Summary

EIP tracks 1 public exploit for CVE-2022-28118. PoCs published by Richard-Tang.

AI-analyzed exploit summary: This repository contains a proof-of-concept exploit for CVE-2022-28118, targeting SSCMS. The exploit leverages file upload vulnerabilities in the advertisement management functionality to achieve remote code execution (RCE).

Description

SiteServer CMS v7.x allows attackers to execute arbitrary code via a crafted plug-in.

Exploits (1)

nomisec · Working PoC · 8 stars
by Richard-Tang · poc
https://github.com/Richard-Tang/SSCMS-PluginShell

Classification: Working PoC 90%
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: SSCMS (SiteServer CMS)
Auth required
Prerequisites: Authenticated access to the SSCMS admin panel · File upload functionality enabled in the advertisement module
devstral-2 · analyzed Feb 16, 2026

References (4)

Core References
Product, Third Party Advisory (x_refsource_misc): https://github.com/siteserver/cms
Exploit, Issue Tracking, Third Party Advisory (x_refsource_misc): https://github.com/siteserver/cms/issues/3386
Not Applicable (x_refsource_misc): http://siteserver.com

Scores

CVSS v3: 9.8
EPSS: 0.0404
EPSS Percentile: 88.8%
Attack Vector: NETWORK
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

Status: published
Products (2)
npm/siteserver 7.0.0 (npm)
sscms/siteserver_cms 7.0.0 - 7.1.2
Published: May 03, 2022
Tracked Since: Feb 18, 2026