6.8
CVSSv2

CVE-2020-5776

Published: 01/09/2020 Updated: 08/09/2020
CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6
CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8
VMScore: 607
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Vulnerability Summary

Currently, all versions of MAGMI are vulnerable to CSRF due to the lack of CSRF tokens. RCE (via phpcli command) is possible in the event that a CSRF is leveraged against an existing admin session for MAGMI.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

magmi project magmi

Github Repositories

2020年发布到阿尔法实验室微信公众号的所有安全资讯汇总

欢迎关注阿尔法实验室微信公众号 20201231 [漏洞] 2020年增加的10个最严重的CVE blogdetectifycom/2020/12/30/top-10-critical-cves-added-in-2020/ Chromium RawClipboardHostImpl中的UAF漏洞 bugschromiumorg/p/chromium/issues/detail?id=1101509 [工具] Sarenka:OSINT工具,将来自shodan、censys等服务的数据集中在一处

Nuclei Templates Templates are the core of nuclei scanner which power the actual scanning engine This repository stores and houses various templates for the scanner provided by our team as well as contributed by the community We hope that you also contribute by sending templates via pull requests or Github issue and grow the list Resources Templates Documentation Contr

Nuclei Templates Templates are the core of nuclei scanner which power the actual scanning engine This repository stores and houses various templates for the scanner provided by our team as well as contributed by the community We hope that you also contribute by sending templates via pull requests or Github issue and grow the list Resources Templates Documentation Contr

Kenzer Templates [1289] TEMPLATE TOOL FILE favinizer favinizer favinizeryaml CVE-2017-5638 jaeles jaeles\cvescan\critical\CVE-2017-5638yaml CVE-2017-6360 jaeles jaeles\cvescan\critical\CVE-2017-6360yaml CVE-2017-6361 jaeles jaeles\cvescan\critical\CVE-2017-6361yaml CVE-2017-9841 jaeles jaeles\cvescan\critical\CVE-2017-9841yaml CVE-2018-16763 jaeles jaeles\

CVE Data Analysis, CVE Monitor, CVE EXP Prediction Based on Deep Learning. 1999-2020年存量CVE数据分析、监控CVE增量更新、基于深度学习的CVE EXP预测和自动化推送

CVE-Flow 1999-2020存量CVE数据分析、监控CVE增量更新、基于深度学习的CVE EXP预测和自动化推送 Report CVE-Flow:1999-2020年CVE数据分析 CVE-Flow:CVE EXP监控和预测 数据-所有 数据-年度 本日新增EXP ID Description CVE_PubDate EXP_PubDate Source CVE-2020-0674 A remote code execution vulnerability exists in the way that the scripti

essential templates for kenzer [DEPRECATED]

Kenzer Templates [5170] [DEPRECATED] TEMPLATE TOOL FILE favinizer favinizer favinizeryaml CVE-2013-2251 freaker freaker/exploits/CVE-2013-2251/exploitsh CVE-2017-6360 freaker freaker/exploits/CVE-2017-6360/exploitsh CVE-2017-6361 freaker freaker/exploits/CVE-2017-6361/exploitsh CVE-2017-7921 freaker freaker/exploits/CVE-2017-7921/exploitsh CVE-2018-11784 f