Submission #794680: bagisto v2.3.15 Server-Side Request Forgery

Information

Title: bagisto v2.3.15 Server-Side Request Forgery
Description: The Bagisto 2.3.15 application is vulnerable to Server-Side Request Forgery (SSRF) and Arbitrary Local File Read (LFI) in the handling of downloadable product URLs. The application allows authenticated users with permissions to manage downloadable products (e.g., product managers or sales roles) to configure a downloadable link using an arbitrary URL. This URL is stored without proper validation. When a customer downloads the purchased product, the application server uses PHP's copy() function to fetch the content from the stored URL. Because the URL is not validated or sanitized, an attacker can supply malicious payloads that cause the server to:

- Send requests to internal or external systems (SSRF)
- Access local files via file:// or direct filesystem paths (LFI)

This effectively turns the server into a proxy controlled by the attacker.
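The mitigation the description implies is to validate the downloadable link both when it is stored and again when the server fetches it. The following is an added example, not Bagisto's own code: a hypothetical DownloadUrlValidator class and fetchDownloadable() helper that restrict the scheme to http/https (rejecting file:// and other PHP stream wrappers), resolve the host and refuse private, loopback and reserved addresses, and then call copy() with redirects disabled so a public URL cannot bounce the server to an internal one. The sample URLs at the bottom are constructed; the documentation range 203.0.113.0/24 stands in for a real public host.

```php
<?php
// Added example (not part of Bagisto): validate a downloadable-product URL
// before storing it and again immediately before the server fetches it.

final class DownloadUrlValidator
{
    // Only plain HTTP(S). This excludes file://, php://, ftp://, gopher:// ...
    private const ALLOWED_SCHEMES = ['http', 'https'];

    /** Returns null when the URL is safe to fetch, otherwise a rejection reason. */
    public static function reject(string $url): ?string
    {
        $parts = parse_url($url);
        if ($parts === false || empty($parts['scheme']) || empty($parts['host'])) {
            return 'not an absolute URL';
        }
        if (!in_array(strtolower($parts['scheme']), self::ALLOWED_SCHEMES, true)) {
            return 'scheme not allowed';
        }
        if (isset($parts['user']) || isset($parts['pass'])) {
            return 'credentials in URL';
        }
        $host = strtolower(trim($parts['host'], '[]'));
        if ($host === 'localhost' || str_ends_with($host, '.localhost')) {
            return 'loopback host';
        }
        // Check every address the name maps to, not just the first one.
        $addrs = filter_var($host, FILTER_VALIDATE_IP) ? [$host] : self::resolve($host);
        if ($addrs === []) {
            return 'host does not resolve';
        }
        foreach ($addrs as $ip) {
            if (self::isNonPublic($ip)) {
                return "resolves to non-public address $ip";
            }
        }
        return null;
    }

    /** A and AAAA records for a hostname; empty array on failure. */
    private static function resolve(string $host): array
    {
        $out = [];
        foreach ((array) @dns_get_record($host, DNS_A | DNS_AAAA) as $rec) {
            $out[] = $rec['ip'] ?? $rec['ipv6'] ?? null;
        }
        return array_values(array_filter($out));
    }

    /** True for RFC 1918, loopback, link-local, unspecified and other reserved ranges. */
    private static function isNonPublic(string $ip): bool
    {
        // PHP's own filter covers private and reserved ranges for IPv4 and IPv6.
        // Caveat: 100.64.0.0/10 (CGNAT) is not in PHP's list; add it if relevant.
        return filter_var($ip, FILTER_VALIDATE_IP,
            FILTER_FLAG_NO_PRIV_RANGE | FILTER_FLAG_NO_RES_RANGE) === false;
    }
}

/** Re-validate at download time and fetch without following redirects. */
function fetchDownloadable(string $url, string $dest): bool
{
    if (($why = DownloadUrlValidator::reject($url)) !== null) {
        error_log("refusing to fetch $url: $why");
        return false;
    }
    // follow_location=0 stops a public URL from redirecting into an internal one.
    $ctx = stream_context_create(['http' => ['follow_location' => 0, 'timeout' => 15]]);
    return copy($url, $dest, $ctx);
}

// Constructed sample inputs. The hostname case depends on live DNS; the rest
// are decided offline. 203.0.113.10 is in a documentation range, so it passes.
foreach ([
    'file:///etc/passwd',
    'http://127.0.0.1:8080/admin',
    'http://169.254.1.1/',
    'http://user:pw@203.0.113.10/product.zip',
    'http://203.0.113.10/product.zip',
    'https://downloads.example.com/product.zip',
] as $url) {
    printf("%-45s %s\n", $url, DownloadUrlValidator::reject($url) ?? 'ok');
}
```

Two caveats a practitioner should keep in mind: resolving the name in the validator and again inside copy() leaves a DNS-rebinding window, so a production fetch should pin the validated IP (for example with a curl handle and CURLOPT_RESOLVE) rather than let the stream wrapper resolve again; and the validator must run on the stored value at fetch time, not only on the form submission, since the page's issue is precisely that the stored URL was trusted.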
Source: ⚠️ https://drive.google.com/file/d/1pVSN3BYjI_rUE2Jms5EcIBGSMdrq6Wql/view?usp=sharing
User: hai271120 (UID 96497)
Submission: 01/04/2026 03:59 PM (2 months ago)
Moderation: 21/04/2026 02:04 PM (20 days later)
Status: Accepted
VulDB Entry: 358435 [Bagisto up to 2.3.15 Downloadable Link copy privilege escalation]
Points: 20