Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
wangsongyan wblog backup.go RestorePost server-side request forgery
Vulnerability Description
A vulnerability was identified in wangsongyan wblog 0.0.1. This affects the function RestorePost of the file backup.go. Such manipulation of the argument fileName leads to server-side request forgery. It is possible to launch the attack remotely. The exploit is publicly available and might be used. The vendor was contacted early about this disclosure but did not respond in any way.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Vulnerability Type
服务端请求伪造(SSRF)
Vulnerability Title
wblog 代码问题漏洞
Vulnerability Description
wblog是OnTheRoad个人开发者的一个应用程序。 wblog 0.0.1版本存在代码问题漏洞,该漏洞源于backup.go文件中的RestorePost函数对参数fileName的错误操作,导致服务端请求伪造。
CVSS Information
N/A
Vulnerability Type
N/A