Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2020-7600

EPSS 0.32% · P55
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2020-7600

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
querymen prior to 2.1.4 allows modification of object properties. The parameters of exported function handler(type, name, fn) can be controlled by users without any sanitization. This could be abused for Prototype Pollution attacks.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
querymen 注入漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
querymen 2.1.4之前版本中存在注入漏洞。该漏洞源于用户输入构造命令、数据结构或记录的操作过程中,网络系统或产品缺乏对用户输入数据的正确验证,未过滤或未正确过滤掉其中的特殊元素,导致系统或产品产生解析或解释方式错误。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
-querymen All versions prior to 2.1.4 -

II. Public POCs for CVE-2020-7600

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2020-7600

登录查看更多情报信息。

Same Patch Batch · n/a · 2020-03-12 · 141 CVEs total

CVE-2020-10436Chadha Software Technologies PHPKB Standard Multi-Language 跨站脚本漏洞
CVE-2020-10419Chadha Software Technologies PHPKB Standard Multi-Language 跨站脚本漏洞
CVE-2020-10420Chadha Software Technologies PHPKB Standard Multi-Language 跨站脚本漏洞
CVE-2020-10421Chadha Software Technologies PHPKB Standard Multi-Language 跨站脚本漏洞
CVE-2020-10422Chadha Software Technologies PHPKB Standard Multi-Language 跨站脚本漏洞
CVE-2020-10423Chadha Software Technologies PHPKB Standard Multi-Language 跨站脚本漏洞
CVE-2020-10424Chadha Software Technologies PHPKB Standard Multi-Language 跨站脚本漏洞
CVE-2020-10425Chadha Software Technologies PHPKB Standard Multi-Language 跨站脚本漏洞
CVE-2020-10426Chadha Software Technologies PHPKB Standard Multi-Language 跨站脚本漏洞
CVE-2020-10427Chadha Software Technologies PHPKB Standard Multi-Language 跨站脚本漏洞
CVE-2020-10428Chadha Software Technologies PHPKB Standard Multi-Language 跨站脚本漏洞
CVE-2020-10429Chadha Software Technologies PHPKB Standard Multi-Language 跨站脚本漏洞
CVE-2020-10430Chadha Software Technologies PHPKB Standard Multi-Language 跨站脚本漏洞
CVE-2020-10431Chadha Software Technologies PHPKB Standard Multi-Language 跨站脚本漏洞
CVE-2020-10432Chadha Software Technologies PHPKB Standard Multi-Language 跨站脚本漏洞
CVE-2020-10433Chadha Software Technologies PHPKB Standard Multi-Language 跨站脚本漏洞
CVE-2020-10434Chadha Software Technologies PHPKB Standard Multi-Language 跨站脚本漏洞
CVE-2020-10435Chadha Software Technologies PHPKB Standard Multi-Language 跨站脚本漏洞
CVE-2020-10446Chadha Software Technologies PHPKB Standard Multi-Language 跨站脚本漏洞
CVE-2020-10448Chadha Software Technologies PHPKB Standard Multi-Language 跨站脚本漏洞

Showing top 20 of 141 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: querymen
Same vendor: n/a

V. Comments for CVE-2020-7600

No comments yet

Leave a comment