CVE-2020-24140
Description
Server-side request forgery in Wcms 0.3.2 lets an attacker send crafted requests from the back-end server of a vulnerable web application. It can help identify open ports, local network hosts and execute command on local services.
VulnerabilityType Other
Server-side request forgery
Vendor of Product
vedees
Affected Product Code Base
wcms - 0.3.2
Attack Type
Remote
Impact Denial of Service
true
Impact Information Disclosure
true
Reference
Has vendor confirmed or acknowledged the vulnerability?
true
Discoverer
Suzhou Aurora Infinity Information Technology Co., Ltd.