CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-25096 – WordPress canto plugin <= 3.0.7 - Unauth. Remote Code Execution (RCE) vulnerability
https://notcve.org/view.php?id=CVE-2024-25096
12 Feb 2024 — Improper Control of Generation of Code ('Code Injection') vulnerability in Canto Inc. Canto allows Code Injection.This issue affects Canto: from n/a through 3.0.7. Vulnerabilidad de control inadecuado de generación de código ("inyección de código") en Canto Inc. Canto permite la inyección de código. Este problema afecta a Canto: desde n/a hasta 3.0.7. • https://patchstack.com/database/vulnerability/canto/wordpress-canto-plugin-3-0-6-unauthenticated-remote-code-execution-rce-vulnerability?_s_id=cve • CWE-94: Improper Control of Generation of Code ('Code Injection') CWE-98: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 1CVE-2023-3452 – Canto <= 3.0.4 - Unauthenticated Remote File Inclusion
https://notcve.org/view.php?id=CVE-2023-3452
09 Aug 2023 — The Canto plugin for WordPress is vulnerable to Remote File Inclusion in versions up to, and including, 3.0.4 via the 'wp_abspath' parameter. This allows unauthenticated attackers to include and execute arbitrary remote code on the server, provided that allow_url_include is enabled. Local File Inclusion is also possible, albeit less useful because it requires that the attacker be able to upload a malicious php file via FTP or some other means into a directory readable by the web server. WordPress Canto vers... • https://github.com/leoanggal1/CVE-2023-3452-PoC • CWE-98: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 1CVE-2022-40305
https://notcve.org/view.php?id=CVE-2022-40305
09 Sep 2022 — A Server-Side Request Forgery issue in Canto Cumulus through 11.1.3 allows attackers to enumerate the internal network, overload network resources, and possibly have unspecified other impact via the server parameter to the /cwc/login login form. Un problema de tipo Server-Side Request Forgery en Canto Cumulus versiones hasta 11.1.3, permite a atacantes enumerar la red interna, sobrecargar los recursos de la red y posiblemente tener otro impacto no especificado por medio del parámetro del servidor al formula... • https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2022-023.txt • CWE-918: Server-Side Request Forgery (SSRF) •
CVSS: 8.3EPSS: 5%CPEs: 1EXPL: 1CVE-2020-28976 – Canto <= 1.9.0 - Blind Server-Side Request Forgery via detail.php
https://notcve.org/view.php?id=CVE-2020-28976
30 Nov 2020 — The Canto plugin 1.3.0 for WordPress contains a blind SSRF vulnerability. It allows an unauthenticated attacker can make a request to any internal and external server via /includes/lib/detail.php?subdomain=SSRF. El plugin Canto versión 1.3.0 para WordPress, contiene una vulnerabilidad de tipo SSRF ciega. Permite a un atacante no autenticado poder realizar una petición a cualquier servidor interno y externo por medio de /includes/lib/detail.php? • https://www.exploit-db.com/exploits/49189 • CWE-918: Server-Side Request Forgery (SSRF) •
CVSS: 8.3EPSS: 0%CPEs: 1EXPL: 0CVE-2020-24063 – Canto <= 1.9.0 - Blind Server-Side Request Forgery via download.php
https://notcve.org/view.php?id=CVE-2020-24063
10 Nov 2020 — The Canto plugin 1.3.0 for WordPress allows includes/lib/download.php?subdomain= SSRF. El plugin Canto versión 1.3.0, para WordPress permite un ataque SSRF en includes/lib/download.php?subdomain= The Canto plugin 2.1.1 for WordPress allows includes/lib/download.php?subdomain= SSRF. • https://gist.github.com/Hakooraevil/264cb21034f946eee62371e9111c36bb • CWE-918: Server-Side Request Forgery (SSRF) •
CVSS: 8.3EPSS: 1%CPEs: 1EXPL: 1CVE-2020-28977 – Canto <= 1.9.0 - Blind Server-Side Request Forgery via get.php
https://notcve.org/view.php?id=CVE-2020-28977
12 Mar 2020 — The Canto plugin 1.3.0 for WordPress contains blind SSRF vulnerability. It allows an unauthenticated attacker can make a request to any internal and external server via /includes/lib/get.php?subdomain=SSRF. El plugin Canto versión 1.3.0 para WordPress, contiene una vulnerabilidad de tipo SSRF ciega. Permite a un atacante no autenticado poder realizar una petición a cualquier servidor interno y externo por medio de /includes/lib/get.php? • https://www.exploit-db.com/exploits/49189 • CWE-918: Server-Side Request Forgery (SSRF) •
CVSS: 8.3EPSS: 1%CPEs: 1EXPL: 1CVE-2020-28978 – Canto <= 1.9.0 - Blind Server-Side Request Forgery via tree.php
https://notcve.org/view.php?id=CVE-2020-28978
12 Mar 2020 — The Canto plugin 1.3.0 for WordPress contains blind SSRF vulnerability. It allows an unauthenticated attacker can make a request to any internal and external server via /includes/lib/tree.php?subdomain=SSRF. El plugin Canto versión 1.3.0 para WordPress, contiene una vulnerabilidad de tipo SSRF ciega. Permite a un atacante no autenticado poder realizar una petición a cualquier servidor interno y externo por medio de /includes/lib/tree.php? • https://www.exploit-db.com/exploits/49189 • CWE-918: Server-Side Request Forgery (SSRF) •
CVSS: 9.8EPSS: 0%CPEs: 5EXPL: 3CVE-2013-7416
https://notcve.org/view.php?id=CVE-2013-7416
03 Dec 2014 — canto_curses/guibase.py in Canto Curses before 0.9.0 allows remote feed servers to execute arbitrary commands via shell metacharacters in a URL in a feed. canto_curses/guibase.py en Canto Curses anterior a 0.9.0 permite a servidores de alimentación remotos ejecutar comandos arbitrarios a través de metacaracteres de shell en una URL en una alimentación. • http://seclists.org/oss-sec/2014/q4/826 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •