Security Advisory

CVE-2018-6029

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2018-01-23 06:00:00

Last updated 2024-08-05 05:54:53

Assigner mitre

State PUBLISHED

Description

The copy function in application/admin/controller/Article.php in NoneCms 1.3.0 allows remote attackers to access the content of internal and external network resources via Server Side Request Forgery (SSRF), because URL validation only considers whether the URL contains the "csdn" substring.

← Browse all CVEs View on cve.org ↗