Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
kasuganosoras Pigeon index.php server-side request forgery
Vulnerability Description
A vulnerability was found in kasuganosoras Pigeon 1.0.177. It has been declared as critical. This vulnerability affects unknown code of the file /pigeon/imgproxy/index.php. The manipulation of the argument url leads to server-side request forgery. The attack can be initiated remotely. Upgrading to version 1.0.181 is able to address this issue. The patch is identified as 84cea5fe73141689da2e7ec8676d47435bd6423e. It is recommended to upgrade the affected component.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Vulnerability Type
服务端请求伪造(SSRF)
Vulnerability Title
Pigeon 代码问题漏洞
Vulnerability Description
Pigeon是Akkariin Meiko个人开发者的一个轻量化的留言板/记事本/社交系统/博客。 Pigeon 1.0.177版本存在代码问题漏洞,该漏洞源于文件/pigeon/imgproxy/index.php的参数url会导致服务器端请求伪造。
CVSS Information
N/A
Vulnerability Type
N/A