CVE-2020-15227
Description
Nette versions before 2.0.19, 2.1.13, 2.2.10, 2.3.14, 2.4.16, 3.0.6 are vulnerable to an code injection attack by passing specially formed parameters to URL that may possibly leading to RCE. Nette is a PHP/Composer MVC Framework.
NVD
Severity: CRITICAL
CVE ID: CVE-2020-15227
CVSS Score: 9.8
CVSS Metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
GitHub, Inc.
Severity: HIGH
CVE ID: CVE-2020-15227
CVSS Score: 8.7
CVSS Metrics: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N
Proof Of Concept
Nuclei Templates for CVE-2020-15227
Refrence: Project Discovery GitHub
Langriklol
CVE-2020-15227 exploit
Refrence: GitHub
hu4wufu
CVE-2020-15227 exploit
Refrence: GitHub
filipsedivy
CVE-2020-15227 checker
Refrence: GitHub