A vulnerability classified as critical has been found in mccms up to 2.6.5. This affects the function pic_save of the file sys/apps/controllers/admin/Comic.php. The manipulation of the argument pic leads to server-side request forgery. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-231507.
References
Link | Resource |
---|---|
https://github.com/HuBenLab/HuBenVulList/blob/main/MCCMS%20is%20vulnerable%20to%20Server-side%20request%20forgery%20(SSRF)%202.md | Exploit |
https://vuldb.com/?ctiid.231507 | Permissions Required |
https://vuldb.com/?id.231507 | Permissions Required |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: VulDB
Published: 2023-06-14T07:00:06.331Z
Updated: 2024-02-13T07:34:39.340Z
Reserved: 2023-06-14T05:48:17.365Z
Link: CVE-2023-3236
JSON object: View
NVD Information
Status : Modified
Published: 2023-06-14T07:15:09.580
Modified: 2024-05-17T02:27:22.540
Link: CVE-2023-3236
JSON object: View
Redhat Information
No data.
CWE