4 matches found
CVE-2020-28978
creationtimestamp| type| source ---|---|--- 2024-11-14 06:07:24+00:00| seen| MISP/3fd85816-8f91-4c22-adc9-6b12fba7962c...
WordPress Canto 1.3.0 Server-Side Request Forgery
Exploit Title: Wordpress Plugin Canto 1.3.0 - Blind SSRF Unauthenticated Date: 03/12/2020 Exploit Author: Pankaj Verma p4nk4j Vendor Homepage: https://www.canto.com/integrations/wordpress/ Software Link: https://github.com/CantoDAM/Canto-Wordpress-Plugin Version: 1.3.0 Tested on: Ubuntu 18.04 CVE...
Wordpress Plugin Canto 1.3.0 - Blind SSRF (Unauthenticated)
Exploit Title: Wordpress Plugin Canto 1.3.0 - Blind SSRF Unauthenticated Date: 03/12/2020 Exploit Author: Pankaj Verma p4nk4j Vendor Homepage: https://www.canto.com/integrations/wordpress/ Software Link: https://github.com/CantoDAM/Canto-Wordpress-Plugin Version: 1.3.0 Tested on: Ubuntu 18.04 CVE...
CVE-2020-28978
CVE-2020-28978 affects WordPress Canto Plugin 1.3.0, with a blind SSRF due to lack of validation of the subdomain parameter in several endpoints (e.g., includes/lib/tree.php?subdomain=). Unauthenticated attackers can make requests to internal or external servers via the subdomain parameter. The C...