Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
dayrui XunRuiCMS Project Domain Change Test admin79f2ec220c7e.php server-side request forgery
Vulnerability Description
A flaw has been found in dayrui XunRuiCMS up to 4.7.1. This vulnerability affects unknown code of the file admin79f2ec220c7e.php?c=api&m=test_site_domain of the component Project Domain Change Test. This manipulation of the argument v causes server-side request forgery. It is possible to initiate the attack remotely. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L
Vulnerability Type
服务端请求伪造(SSRF)
Vulnerability Title
xunruicms 代码问题漏洞
Vulnerability Description
xunruicms是XunRuiCMS个人开发者的一个建站框架。 xunruicms 4.7.1及之前版本存在代码问题漏洞,该漏洞源于对文件admin79f2ec220c7e.php中参数v的错误操作,可能导致服务端请求伪造。
CVSS Information
N/A
Vulnerability Type
N/A