| Title | EyouCMS 1.7.6 SSRF |
|---|---|
| Description | EyouCMS version 1.7.6 contains a Server-Side Request Forgery (SSRF) vulnerability in the remote image fetching functionality. The saveRemote() function in application/function.php allows authenticated administrators to fetch remote resources via user-controlled URLs without validating whether the target is an internal or private IP address. This allows attackers to scan internal networks, discover internal services, and potentially access cloud metadata endpoints. |
| Source | ⚠️ https://note-hxlab.wetolink.com/share/m0ZISYsEUIOg |
| User | yu22x (UID 34832) |
| Submission | 16/12/2025 02:22 AM (6 months ago) |
| Moderation | 27/12/2025 12:23 PM (11 days later) |
| Status | Duplicate |
| VulDB Entry | 182139 [EyouCms 1.5.4 URL saveRemote privilege escalation] |
| Points | 0 |