Vendor
CantoDAM
Products
1
CVEs
2
Across products
2
Status
Private
Products
1- 2 CVEs
Recent CVEs
2| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2020-24063 | Hig | 0.47 | 7.2 | 0.01 | Nov 10, 2020 | The Canto plugin 1.3.0 for WordPress allows includes/lib/download.php?subdomain= SSRF. | ||
| CVE-2020-28976 | Med | 0.40 | 5.3 | 0.26 | Nov 30, 2020 | The Canto plugin 1.3.0 for WordPress contains a blind SSRF vulnerability. It allows an unauthenticated attacker can make a request to any internal and external server via /includes/lib/detail.php?subdomain=SSRF. |
- risk 0.47cvss 7.2epss 0.01
The Canto plugin 1.3.0 for WordPress allows includes/lib/download.php?subdomain= SSRF.
- risk 0.40cvss 5.3epss 0.26
The Canto plugin 1.3.0 for WordPress contains a blind SSRF vulnerability. It allows an unauthenticated attacker can make a request to any internal and external server via /includes/lib/detail.php?subdomain=SSRF.