漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
kasuganosoras Pigeon index.php server-side request forgery
Vulnerability Description
A vulnerability was found in kasuganosoras Pigeon 1.0.177. It has been declared as critical. This vulnerability affects unknown code of the file /pigeon/imgproxy/index.php. The manipulation of the argument url leads to server-side request forgery. The attack can be initiated remotely. Upgrading to version 1.0.181 is able to address this issue. The patch is identified as 84cea5fe73141689da2e7ec8676d47435bd6423e. It is recommended to upgrade the affected component.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Vulnerability Type
服务端请求伪造(SSRF)
Vulnerability Title
Pigeon 代码问题漏洞
Vulnerability Description
Pigeon是Akkariin Meiko个人开发者的一个轻量化的留言板/记事本/社交系统/博客。 Pigeon 1.0.177版本存在代码问题漏洞,该漏洞源于文件/pigeon/imgproxy/index.php的参数url会导致服务器端请求伪造。
CVSS Information
N/A
Vulnerability Type
N/A