| Título | Boyun Boyun PHPCMS <=1.4.20 SSRF |
|---|
| Descripción | A Server-Side Request Forgery (SSRF) vulnerability exists in BoYun PHPCMS (≤1.4.20) in /application/pay/controller/Index.php, where user-supplied URLs are passed directly to curl without validation, allowing attackers to make requests to internal or arbitrary network resources and potentially access sensitive internal services. |
|---|
| Fuente | ⚠️ https://note-hxlab.wetolink.com/share/gRI0WyQLQsmd |
|---|
| Usuario | YELEIPENG (UID 73615) |
|---|
| Sumisión | 2025-06-26 08:14 (hace 10 meses) |
|---|
| Moderación | 2025-07-05 19:39 (9 days later) |
|---|
| Estado | Aceptado |
|---|
| Entrada de VulDB | 315017 [BoyunCMS hasta 1.4.20 curl Index.php escalada de privilegios] |
|---|
| Puntos | 19 |
|---|