| عنوان | Nettec CMS PHP version V6.72 has an SSRF vulnerability in the background info deal.php |
|---|
| الوصف | Nettec CMS PHP version V6.72 has an SSRF vulnerability in the background info deal.php,Use ssrf to obtain sensitive file information on the intranet。We can replace the URL parameter with the address of the intranet, which will leak the information of the server intranet. You can read local files by replacing the URL with file://.
http://otcms.com/news/7856.html |
|---|
| المصدر | ⚠️ https://github.com/BigTiger2020/2023-1/blob/main/ssrf/ssrf.md |
|---|
| المستخدم | fzh1613 (UID 42854) |
|---|
| ارسال | 24/03/2023 08:41 AM (3 سنوات منذ) |
|---|
| الاعتدال | 25/03/2023 07:01 PM (1 day later) |
|---|
| الحالة | تمت الموافقة |
|---|
| إدخال VulDB | 224016 [OTCMS 6.72 URL Parameter /admin/info_deal.php UseCurl تجاوز الصلاحيات] |
|---|
| النقاط | 18 |
|---|