Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A security issue was discovered in Z-BlogPHP <= 1.7.2. A Server-Side Request Forgery (SSRF) vulnerability in the zb_users/plugin/UEditor/php/action_crawler.php file allows remote attackers to force the application to make arbitrary requests via injection of arbitrary URLs into the source parameter.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Z-BlogPHP 代码问题漏洞
Vulnerability Description
Z-BlogPHP是Z-blog社区的一套开源的基于PHP的博客系统。 Z-BlogPHP 1.7.2及之前版本存在安全漏洞,该漏洞源于zb_users/plugin/UEditor/php/action_crawler.php文件中的服务器端请求伪造(SSRF)漏洞允许远程攻击者通过将任意URL注入源参数来强制应用程序发出任意请求。
CVSS Information
N/A
Vulnerability Type
N/A