CWE-918

CVE-2020-21788

February 26, 2023 by

In CRMEB 3.1.0+ strict domain name filtering leads to SSRF(Server-Side Request Forgery). The vulnerable code is in file /crmeb/app/admin/controller/store/CopyTaobao.php.

CVE-2020-21649

February 26, 2023 by

Myucms v2.2.1 contains a server-side request forgery (SSRF) in the component controllerindex.php, which can be exploited via the sql() method.

CVE-2020-21653

February 26, 2023 by

Myucms v2.2.1 contains a server-side request forgery (SSRF) in the component controllerindex.php, which can be exploited via the sj() method.

CVE-2020-21122

February 26, 2023 by

UReport v2.2.9 contains a Server-Side Request Forgery (SSRF) in the designer page which allows attackers to detect intranet device ports.

CVE-2020-20582

February 26, 2023 by

A server side request forgery (SSRF) vulnerability in /ApiAdminDomainSettings.php of MipCMS 5.0.1 allows attackers to access sensitive information.

CVE-2020-20341

February 26, 2023 by

YzmCMS v5.5 contains a server-side request forgery (SSRF) in the grab_image() function.