3 matches found
CVE-2026-30404
The CVE-2026-30404 entry concerns wgcloud v3.6.3, where the backend database management connection test feature is vulnerable to server-side request forgery (SSRF). The vulnerability could allow the server to initiate requests to internal networks, remotely download malicious files, and perform o...
CVE-2026-30402
CVE-2026-30402 affects wgcloud v2.3.7 and earlier. A remote attacker can execute arbitrary code via the test connection function, per CVSSv3.1: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H (base score 9.8). No remediation details are provided in the supplied documents.
CVE-2026-30403
CVE-2026-30403 affects wgcloud before 3.6.3, where the vulnerable area is the test connection function in the backend database management module. The issue allows an attacker to perform an arbitrary file read on the victim’s server, exposing sensitive files. The description and connected sources ...