Soumettre #716082: EyouCMS 1.7.6 SSRFinformation

TitreEyouCMS 1.7.6 SSRF
DescriptionEyouCMS version 1.7.6 contains a Server-Side Request Forgery (SSRF) vulnerability in the remote image fetching functionality. The saveRemote() function in application/function.php allows authenticated administrators to fetch remote resources via user-controlled URLs without validating whether the target is an internal or private IP address. This allows attackers to scan internal networks, discover internal services, and potentially access cloud metadata endpoints.
La source⚠️ https://note-hxlab.wetolink.com/share/m0ZISYsEUIOg
Utilisateur
 yu22x (UID 34832)
Soumission16/12/2025 02:22 (il y a 6 mois)
Modérer27/12/2025 12:23 (11 days later)
StatutDupliqué
Entrée VulDB182139 [EyouCms 1.5.4 URL saveRemote élévation de privilèges]
Points0

PrécédentAperçuSuivant

Might our Artificial Intelligence support you?

Check our Alexa App!