Enviar #690728: Zentao PMS <=21.7.6-85642 SSRFinformación

TítuloZentao PMS <=21.7.6-85642 SSRF
DescripciónAn attacker can construct a malicious base parameter. By making the server send HTTP requests, the attacker can perform internal network discovery, port scanning, and other attacks. Because different port services return different error messages and response times, an attacker can determine whether internal ports are open by analysing response differences, creating a serious security risk. For details, please refer to the advisory.
Fuente⚠️ https://github.com/ez-lbz/ez-lbz.github.io/issues/2
Usuario
 ez-lbz (UID 87033)
Sumisión2025-11-07 03:18 (hace 8 meses)
Moderación2025-11-29 21:29 (23 days later)
EstadoAceptado
Entrada de VulDB333793 [ZenTao hasta 21.7.6-8564 module/ai/model.php makeRequest Base escalada de privilegios]
Puntos19

AnteriorVisión De ConjuntoPróximo

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!