Submit #503719: Beijing Founder Electronics Co., Ltd. Founder Enjoys All-Media Acquisition and Editing System V3.0 Server-Side Request Forgeryinfo

TitleBeijing Founder Electronics Co., Ltd. Founder Enjoys All-Media Acquisition and Editing System V3.0 Server-Side Request Forgery
Description The xyImgUrl parameter in the xy/imageProxy.do interface of Founder Changxiang All-Media News Editing System contains an SSRF (Server-Side Request Forgery) vulnerability, which allows attackers to read files using the file protocol.
Source⚠️ https://flowus.cn/share/a104e4fc-a8f7-48b1-8648-1a3e5f78b9bf?code=G8A6P3
User
 0menc (UID 75423)
Submission02/19/2025 10:06 (1 Year ago)
Moderation03/08/2025 08:34 (17 days later)
StatusAccepted
VulDB entry299011 [Beijing Founder Electronics Founder Enjoys All-Media Acquisition and Editing System File Protocol imageProxy.do server-side request forgery]
Points16

PreviousOverviewNext

Might our Artificial Intelligence support you?

Check our Alexa App!