| Title | wangl1989 mysiteforme 1.0 SSRF |
|---|
| Description | The doContent method in src/main/java/com/mysiteform/admin/controller/system/FileController. java does not filter the incoming content, allowing attackers to read any files on the server or exploit the server to read any files on other websites. |
|---|
| Source | ⚠️ https://github.com/wangl1989/mysiteforme/issues/56 |
|---|
| User | LVZC (UID 74910) |
|---|
| Submission | 12/24/2024 15:37 (1 Year ago) |
|---|
| Moderation | 01/04/2025 10:48 (11 days later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 290213 [wangl1989 mysiteforme 1.0 FileController doContent content server-side request forgery] |
|---|
| Points | 16 |
|---|