Submit #690728: Zentao PMS <=21.7.6-85642 SSRF

Title: Zentao PMS <=21.7.6-85642 SSRF
Description: An attacker can construct a malicious base parameter. By making the server send HTTP requests, the attacker can perform internal network discovery, port scanning, and other attacks. Because different port services return different error messages and response times, an attacker can determine whether internal ports are open by analysing response differences, creating a serious security risk. For details, please refer to the advisory.
Source: https://github.com/ez-lbz/ez-lbz.github.io/issues/2
User: ez-lbz (UID 87033)
Submission: 07/11/2025 03h18 (8 months ago)
Moderation: 29/11/2025 21h29 (23 days later)
Status: Accepted
VulDB entry: 333793 [ZenTao up to 21.7.6-8564 module/ai/model.php makeRequest Base privilege escalation]
Points: 19
