| عنوان | wangl1989 mysiteforme 1.0 SSRF |
|---|
| الوصف | The doContent method in src/main/java/com/mysiteform/admin/controller/system/FileController. java does not filter the incoming content, allowing attackers to read any files on the server or exploit the server to read any files on other websites. |
|---|
| المصدر | ⚠️ https://github.com/wangl1989/mysiteforme/issues/56 |
|---|
| المستخدم | LVZC (UID 74910) |
|---|
| ارسال | 24/12/2024 03:37 PM (1 سنة منذ) |
|---|
| الاعتدال | 04/01/2025 10:48 AM (11 days later) |
|---|
| الحالة | تمت الموافقة |
|---|
| إدخال VulDB | 290213 [wangl1989 mysiteforme 1.0 FileController doContent content تجاوز الصلاحيات] |
|---|
| النقاط | 16 |
|---|