A Server-Side Request Forgery (SSRF) in fetch_net_file_upload function of baijiacmsV4 v4.1.4 allows remote attackers to force the application to make arbitrary requests via injection of arbitrary URLs into the url parameter.
References
Link | Resource |
---|---|
https://github.com/zer0yu/CVE_Request/blob/master/baijiacms/baijiacmsv4_ssrf.md | Exploit Third Party Advisory |
Configurations
History
No history.
Information
Published : 2022-09-20 20:15
Updated : 2022-09-21 20:05
NVD link : CVE-2022-38931
Mitre link : CVE-2022-38931
CVE.ORG link : CVE-2022-38931
JSON object : View
Products Affected
baijiacms_project
- baijiacms
CWE
CWE-918
Server-Side Request Forgery (SSRF)