Submit #503719: Beijing Founder Electronics Co., Ltd. Founder Enjoys All-Media Acquisition and Editing System V3.0 Server-Side Request Forgeryinfo

TitelBeijing Founder Electronics Co., Ltd. Founder Enjoys All-Media Acquisition and Editing System V3.0 Server-Side Request Forgery
Beschreibung The xyImgUrl parameter in the xy/imageProxy.do interface of Founder Changxiang All-Media News Editing System contains an SSRF (Server-Side Request Forgery) vulnerability, which allows attackers to read files using the file protocol.
Quelle⚠️ https://flowus.cn/share/a104e4fc-a8f7-48b1-8648-1a3e5f78b9bf?code=G8A6P3
Benutzer
 0menc (UID 75423)
Einreichung19.02.2025 10:06 (vor 1 Jahr)
Moderieren08.03.2025 08:34 (17 days later)
StatusAkzeptiert
VulDB Eintrag299011 [Beijing Founder Electronics Founder Enjoys All-Media Acquisition and Editing System File Protocol imageProxy.do erweiterte Rechte]
Punkte16

ZurückÜbersichtWeiter

Want to know what is going to be exploited?

We predict KEV entries!