| Title | https://gitee.com/chshcms/mccms mccms 2.7 Server-Side Request Forgery |
|---|
| Description | The index () method in MCCMS 2.7 version sys/apps/controllers/api/Gf.php has
SSRF, which allows attackers to read arbitrary files or send network requests by
constructing pic parameters
|
|---|
| Source | ⚠️ https://github.com/caigo8/CVE-md/blob/main/Mccms_V2.7/%E5%89%8D%E5%8F%B0SSRF.md |
|---|
| User | huanyue (UID 62942) |
|---|
| Submission | 05/21/2025 14:31 (11 months ago) |
|---|
| Moderation | 05/29/2025 10:39 (8 days later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 310497 [chshcms mccms 2.7 Gf.php index pic server-side request forgery] |
|---|
| Points | 17 |
|---|