| Title | Eyoucms 1.7.7 SSRF Vulnerability |
|---|
| Description | A Server-Side Request Forgery (SSRF) vulnerability was found in EyouCMS version 1.7.7 and earlier. The vulnerability exists in the image fetching functionality where user-supplied URLs are not properly validated before making server-side HTTP requests. This allows an authenticated attacker to send crafted requests that can reach internal network services or cloud metadata endpoints. The vulnerability requires user authentication to exploit. |
|---|
| Source | ⚠️ https://note-hxlab.wetolink.com/share/DeUFyoSjsPPK |
|---|
| User | pemic (UID 93604) |
|---|
| Submission | 12/18/2025 08:14 (6 months ago) |
|---|
| Moderation | 12/30/2025 19:46 (12 days later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 339081 [EyouCMS up to 1.7.7 application/function.php saveRemote server-side request forgery] |
|---|
| Points | 20 |
|---|