Submit #809933: Vvveb CMS v1.0.8.1 ssrfinfo

TitleVvveb CMS v1.0.8.1 ssrf
DescriptionThe SSRF formation chain, code-level root cause, low-privilege reachability, and exploitation conditions of the backend editor endpoint /admin/index.php?module=editor/editor&action=oEmbedProxy The low-privilege author role is granted editor/* by default The IP restriction in validateUrl() is implemented incorrectly: it validates the full URL rather than the parsed hostname Therefore, from a code-chain perspective, the complete formation path is: A low-privilege backend account enters editor/editor A request is made with action=oEmbedProxy Editor::oEmbedProxy() directly reads $_GET['url'] getUrl() calls validateUrl() validateUrl() attempts to block IPs, but the regex matches $url rather than $host Addresses such as http://127.0.0.1/ and http://192.168.50.1/ bypass the validation The server uses curl / file_get_contents to make the request and directly returns the response content to the attacker
Source⚠️ https://github.com/myift/ideal-potato/blob/main/cve2/1/2/vvveb-editor-oembedproxy-ssrf-en.md
User
 myift (UID 86100)
Submission04/22/2026 11:09 (3 months ago)
Moderation05/16/2026 14:45 (24 days later)
StatusDuplicate
VulDB entry358309 [givanz Vvveb up to 1.0.8.0 file URL getUrl server-side request forgery]
Points0

Interested in the pricing of exploits?

See the underground prices here!