Lucene search
K

4 matches found

NVD
NVD
added 2026/02/05 5:16 p.m.6 views

CVE-2020-37117

jizhiCMS 1.6.7 contains a file download vulnerability in the admin plugins update endpoint that allows authenticated administrators to download arbitrary files. Attackers can exploit the vulnerability by sending crafted POST requests with malicious filepath and downloadurl parameters to trigger...

8.8CVSS0.00687EPSS
Exploits1References3
OSV
OSV
added 2026/02/05 5:16 p.m.4 views

CVE-2020-37117

jizhiCMS 1.6.7 contains a file download vulnerability in the admin plugins update endpoint that allows authenticated administrators to download arbitrary files. Attackers can exploit the vulnerability by sending crafted POST requests with malicious filepath and downloadurl parameters to trigger...

8.8CVSS6.1AI score
Exploits0References3
EUVD
EUVD
added 2026/02/05 4:13 p.m.5 views

EUVD-2020-31049

jizhiCMS 1.6.7 contains a file download vulnerability in the admin plugins update endpoint that allows authenticated administrators to download arbitrary files. Attackers can exploit the vulnerability by sending crafted POST requests with malicious filepath and downloadurl parameters to trigger...

8.8CVSS5.6AI score0.00687EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added 2026/02/05 4:13 p.m.3 views

CVE-2020-37117

jizhiCMS 1.6.7 contains a file download vulnerability in the admin plugins update endpoint that allows authenticated administrators to download arbitrary files. Attackers can exploit the vulnerability by sending crafted POST requests with malicious filepath and downloadurl parameters to trigger...

8.8CVSS5.6AI score0.00687EPSS
Exploits1References3Affected Software1
Rows per page
Query Builder