Количество 2
Количество 2
CVE-2020-14044
** PRODUCT NOT SUPPORTED WHEN ASSIGNED ** A Server-Side Request Forgery (SSRF) vulnerability was found in Codiad v1.7.8 and later. A user with admin privileges could use the plugin install feature to make the server request any URL via components/market/class.market.php. This could potentially result in remote code execution. NOTE: the vendor states "Codiad is no longer under active maintenance by core contributors."
GHSA-c3q8-hh69-7mg5
Codiad SSRF Vulnerability
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2020-14044 ** PRODUCT NOT SUPPORTED WHEN ASSIGNED ** A Server-Side Request Forgery (SSRF) vulnerability was found in Codiad v1.7.8 and later. A user with admin privileges could use the plugin install feature to make the server request any URL via components/market/class.market.php. This could potentially result in remote code execution. NOTE: the vendor states "Codiad is no longer under active maintenance by core contributors." | CVSS3: 7.2 | 2% Низкий | больше 5 лет назад |
| GHSA-c3q8-hh69-7mg5 Codiad SSRF Vulnerability | CVSS3: 7.2 | 2% Низкий | больше 3 лет назад |
Уязвимостей на страницу