Submit #690728: Zentao PMS <=21.7.6-85642 SSRF

Title: Zentao PMS <=21.7.6-85642 SSRF
Description: An attacker can construct a malicious base parameter. By making the server send HTTP requests, the attacker can perform internal network discovery, port scanning, and other attacks. Because different port services return different error messages and response times, an attacker can determine whether internal ports are open by analysing response differences, creating a serious security risk. For details, please refer to the advisory.
Source: ⚠️ https://github.com/ez-lbz/ez-lbz.github.io/issues/2
User: ez-lbz (UID 87033)
Submission: 07/11/2025 03:18 (8 months ago)
Moderation: 29/11/2025 21:29 (23 days later)
Status: Accepted
VulDB Entry: 333793 [ZenTao up to 21.7.6-8564 module/ai/model.php makeRequest Base privilege escalation]
Points: 19
