| 제목 | Beijing Founder Electronics Co., Ltd. Founder Enjoys All-Media Acquisition and Editing System V3.0 Server-Side Request Forgery |
|---|
| 설명 |
The xyImgUrl parameter in the xy/imageProxy.do interface of Founder Changxiang All-Media News Editing System contains an SSRF (Server-Side Request Forgery) vulnerability, which allows attackers to read files using the file protocol. |
|---|
| 원천 | ⚠️ https://flowus.cn/share/a104e4fc-a8f7-48b1-8648-1a3e5f78b9bf?code=G8A6P3 |
|---|
| 사용자 | 0menc (UID 75423) |
|---|
| 제출 | 2025. 02. 19. AM 10:06 (1 년도 ago) |
|---|
| 모더레이션 | 2025. 03. 08. AM 08:34 (17 days later) |
|---|
| 상태 | 수락 |
|---|
| VulDB 항목 | 299011 [Beijing Founder Electronics Founder Enjoys All-Media Acquisition and Editing System File Protocol imageProxy.do 권한 상승] |
|---|
| 포인트들 | 16 |
|---|