Submit #716082: EyouCMS 1.7.6 SSRFinfo

TitleEyouCMS 1.7.6 SSRF
DescriptionEyouCMS version 1.7.6 contains a Server-Side Request Forgery (SSRF) vulnerability in the remote image fetching functionality. The saveRemote() function in application/function.php allows authenticated administrators to fetch remote resources via user-controlled URLs without validating whether the target is an internal or private IP address. This allows attackers to scan internal networks, discover internal services, and potentially access cloud metadata endpoints.
Source⚠️ https://note-hxlab.wetolink.com/share/m0ZISYsEUIOg
User
 yu22x (UID 34832)
Submission12/16/2025 02:22 (6 months ago)
Moderation12/27/2025 12:23 (11 days later)
StatusDuplicate
VulDB entry182139 [EyouCms 1.5.4 URL saveRemote server-side request forgery]
Points0

PreviousOverviewNext

Want to know what is going to be exploited?

We predict KEV entries!