| عنوان | Psi Probe <=5.3.0 Server-Side Request Forgery |
|---|
| الوصف | Psi Probe contains a server-side request forgery (SSRF) vulnerability in the whois functionality. The application automatically connects to arbitrary servers specified in whois ReferralServer responses without validation, allowing authenticated attackers to scan internal networks, access internal services, and bypass firewall restrictions.
|
|---|
| المصدر | ⚠️ https://github.com/AnalogyC0de/public_exp/issues/12 |
|---|
| المستخدم | Ana10gy (UID 93358) |
|---|
| ارسال | 15/02/2026 04:38 AM (2 أشهر منذ) |
|---|
| الاعتدال | 26/02/2026 04:13 PM (11 days later) |
|---|
| الحالة | تمت الموافقة |
|---|
| إدخال VulDB | 347994 [psi-probe PSI Probe حتى 5.3.0 Whois Whois.java lookup تجاوز الصلاحيات] |
|---|
| النقاط | 18 |
|---|