CVE-2020-20012

WebPlus Pro v1.4.7.8.4-01 is vulnerable to Incorrect Access Control.
Configurations

Configuration 1 (hide)

cpe:2.3:a:sudytech:webplus_pro:1.4.7.8.4-01:*:*:*:*:*:*:*

History

21 Nov 2024, 05:11

Type Values Removed Values Added
References () http://wzqpt.hfut.edu.cn/login.jsp?_p=YXM9MSZwPTEmbT1OJg__ - Broken Link () http://wzqpt.hfut.edu.cn/login.jsp?_p=YXM9MSZwPTEmbT1OJg__ - Broken Link
References () https://gist.github.com/1915504804/9503198d3cbd5bc7db47625ac0caaade - Exploit, Third Party Advisory () https://gist.github.com/1915504804/9503198d3cbd5bc7db47625ac0caaade - Exploit, Third Party Advisory

30 May 2023, 18:22

Type Values Removed Values Added
CWE CWE-22
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 9.8
References (MISC) https://gist.github.com/1915504804/9503198d3cbd5bc7db47625ac0caaade - (MISC) https://gist.github.com/1915504804/9503198d3cbd5bc7db47625ac0caaade - Exploit, Third Party Advisory
References (MISC) http://wzqpt.hfut.edu.cn/login.jsp?_p=YXM9MSZwPTEmbT1OJg__ - (MISC) http://wzqpt.hfut.edu.cn/login.jsp?_p=YXM9MSZwPTEmbT1OJg__ - Broken Link
CPE cpe:2.3:a:sudytech:webplus_pro:1.4.7.8.4-01:*:*:*:*:*:*:*

23 May 2023, 01:15

Type Values Removed Values Added
New CVE

Information

Published : 2023-05-23 01:15

Updated : 2024-11-21 05:11


NVD link : CVE-2020-20012

Mitre link : CVE-2020-20012

CVE.ORG link : CVE-2020-20012


JSON object : View

Products Affected

sudytech

  • webplus_pro
CWE
CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')