Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
SparkShop <=1.1.7 is vulnerable to server-side request forgery (SSRF). This vulnerability allows attacks to scan ports on the Intranet or local network where the server resides, attack applications running on the Intranet or local network, or read metadata on the cloud server.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Xingyuantu SparkShop 安全漏洞
Vulnerability Description
Xingyuantu SparkShop是中国星远图(Xingyuantu)公司的一个开源商城。 Xingyuantu SparkShop 1.1.7及之前版本存在安全漏洞,该漏洞源于容易受到服务器端请求伪造(SSRF)攻击,允许攻击者扫描服务器所在的内联网或本地网络上的端口、攻击在内联网或本地网络上运行的应用程序、或读取云服务器上的元数据。
CVSS Information
N/A
Vulnerability Type
N/A