| 제목 | JiZhiCMS 2.4.5 is vulnerable to Server-side request forgery (SSRF) |
|---|
| 설명 | A vulnerability has been discovered in JiZhiCMS. This affects the index function in the file TemplateController.php. Manipulation of parameters leads to SSRF.
The problem is in the Index function in TemplateController.php, we can control the set and webapi parameters can be customized to add an address and then visit Template/index can be triggered. |
|---|
| 원천 | ⚠️ https://github.com/HuBenLab/HuBenVulList/blob/main/JiZhiCMS%20is%20vulnerable%20to%20Server-side%20request%20forgery%20(SSRF).md |
|---|
| 사용자 | p0ison (UID 37575) |
|---|
| 제출 | 2023. 05. 25. AM 08:51 (3 연령 ago) |
|---|
| 모더레이션 | 2023. 05. 27. AM 09:37 (2 days later) |
|---|
| 상태 | 수락 |
|---|
| VulDB 항목 | 230082 [JIZHICMS 2.4.5 TemplateController.php index webapi 권한 상승] |
|---|
| 포인트들 | 18 |
|---|