CVE-2020-24930
Severity Score
8.1
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
1
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Beijing Wuzhi Internet Technology Co., Ltd. Wuzhi CMS 4.0.1 is an open source content management system. The five fingers CMS backend in***.php file has arbitrary file deletion vulnerability. Attackers can use vulnerabilities to delete arbitrary files.
Beijing Wuzhi Internet Technology Co. Wuzhi CMS versión 4.0.1, es un sistema de administración de contenidos de código abierto. El archivo in***.php del backend del CMS de cinco dedos presenta una vulnerabilidad de eliminación de archivos arbitraria. Unos atacantes pueden usar la vulnerabilidad para eliminar archivos arbitrarios
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2020-08-28 CVE Reserved
- 2021-09-27 CVE Published
- 2023-04-20 EPSS Updated
- 2024-08-04 CVE Updated
- 2024-08-04 First Exploit
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
CAPEC
References (2)
| URL | Tag | Source |
|---|---|---|
| https://www.cnvd.org.cn/flaw/show/2394661 | Third Party Advisory |
| URL | Date | SRC |
|---|---|---|
| https://github.com/wuzhicms/wuzhicms/issues/191 | 2024-08-04 |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|