Vulnerability Details CVE-2020-19551
Blacklist bypass issue exists in WUZHI CMS up to and including 4.1.0 in common.func.php, which when uploaded can cause remote code executiong.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.009
EPSS Ranking 74.5%
CVSS Severity
CVSS v3 Score 8.8
CVSS v2 Score 6.5
References
Products affected by CVE-2020-19551
-
cpe:2.3:a:wuzhicms:wuzhicms:2.0.1
-
cpe:2.3:a:wuzhicms:wuzhicms:2.0.4
-
cpe:2.3:a:wuzhicms:wuzhicms:2.0.5
-
cpe:2.3:a:wuzhicms:wuzhicms:2.1.2
-
cpe:2.3:a:wuzhicms:wuzhicms:2.1.3
-
cpe:2.3:a:wuzhicms:wuzhicms:2.1.6
-
cpe:2.3:a:wuzhicms:wuzhicms:2.1.7
-
cpe:2.3:a:wuzhicms:wuzhicms:3.0.0
-
cpe:2.3:a:wuzhicms:wuzhicms:3.0.1
-
cpe:2.3:a:wuzhicms:wuzhicms:3.0.3
-
cpe:2.3:a:wuzhicms:wuzhicms:3.0.3.0
-
cpe:2.3:a:wuzhicms:wuzhicms:3.0.4
-
cpe:2.3:a:wuzhicms:wuzhicms:3.0.4.0
-
cpe:2.3:a:wuzhicms:wuzhicms:3.1.0
-
cpe:2.3:a:wuzhicms:wuzhicms:3.1.0.1
-
cpe:2.3:a:wuzhicms:wuzhicms:3.1.0.2
-
cpe:2.3:a:wuzhicms:wuzhicms:3.1.1
-
cpe:2.3:a:wuzhicms:wuzhicms:3.1.2
-
cpe:2.3:a:wuzhicms:wuzhicms:3.1.3
-
cpe:2.3:a:wuzhicms:wuzhicms:4.0.0
-
cpe:2.3:a:wuzhicms:wuzhicms:4.0.1
-
cpe:2.3:a:wuzhicms:wuzhicms:4.1.0