exploitDog

CVE-2021-27312

Опубликовано: 03 апр. 2024

Источник: nvd

CVSS3: 9.4

EPSS Низкий

Описание

Server Side Request Forgery (SSRF) vulnerability in Gleez Cms 1.2.0, allows remote attackers to execute arbitrary code and obtain sensitive information via modules/gleez/classes/request.php.

Ссылки

https://gist.github.com/LioTree/8d10d123d31f50db05a25586e62a87ba
Exploit
Third Party Advisory
https://github.com/gleez/cms/issues/805
Issue Tracking
https://gist.github.com/LioTree/8d10d123d31f50db05a25586e62a87ba
Exploit
Third Party Advisory
https://github.com/gleez/cms/issues/805
Issue Tracking

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:gleezcms:gleez_cms:1.2.0:*:*:*:*:*:*:*

EPSS

Процентиль: 83%

0.01935

Низкий

9.4 Critical

CVSS3

Дефекты

CWE-918

Связанные уязвимости

GHSA-7mxg-r76p-363g

CVSS3: 9

github

почти 2 года назад

Gleez Cms Server Side Request Forgery (SSRF) vulnerability

EPSS

Процентиль: 83%

0.01935

Низкий

9.4 Critical

CVSS3

Дефекты

CWE-918