A vulnerability classified as critical has been found in MuYuCMS 2.2. This affects an unknown part of the file /admin.php/update/getFile.html. The manipulation of the argument url leads to server-side request forgery. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-221805 was assigned to this vulnerability.
References
Link | Resource |
---|---|
https://github.com/MuYuCMS/MuYuCMS/issues/7 | Exploit Issue Tracking Third Party Advisory |
https://vuldb.com/?ctiid.221805 | Permissions Required |
https://vuldb.com/?id.221805 | Permissions Required |
Configurations
History
03 Mar 2023, 04:48
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 8.8 |
CPE | cpe:2.3:a:muyucms:muyucms:2.2:*:*:*:*:*:*:* | |
References | (MISC) https://github.com/MuYuCMS/MuYuCMS/issues/7 - Exploit, Issue Tracking, Third Party Advisory | |
References | (MISC) https://vuldb.com/?id.221805 - Permissions Required | |
References | (MISC) https://vuldb.com/?ctiid.221805 - Permissions Required | |
First Time |
Muyucms muyucms
Muyucms |
26 Feb 2023, 13:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-02-26 13:15
Updated : 2024-04-11 01:17
NVD link : CVE-2023-1046
Mitre link : CVE-2023-1046
CVE.ORG link : CVE-2023-1046
JSON object : View
Products Affected
muyucms
- muyucms
CWE
CWE-918
Server-Side Request Forgery (SSRF)