CVE-2018-6029

HIGH

7.5

CVSS Severity Score

EPSS Score0.1230%

EPSS Percentile8.07th

Published2018年1月23日

Last Modified2024年11月21日

Vulnerability Description

The copy function in application/admin/controller/Article.php in NoneCms 1.3.0 allows remote attackers to access the content of internal and external network resources via Server Side Request Forgery (SSRF), because URL validation only considers whether the URL contains the "csdn" substring.

Affected Platforms (CPE)

📦

5none

Nonecms

= 1.3.0

References & Advisories

🔗 http://blackwolfsec.cc/2018/01/23/Nonecms_ssrf/

関連する脆弱性情報

CVE-2018-200629.8

An issue was discovered in NoneCms V1.3. thinkphp/library/think/App.php allows remote attackers to execute arbitrary PHP code via ...

CVE-2018-72198.8

application/admin/controller/Admin.php in NoneCms 1.3.0 has CSRF, as demonstrated by changing an admin password or adding an accou...

CVE-2020-186477.5

Information Disclosure in NoneCMS v1.3 allows remote attackers to obtain sensitive information via the component "/nonecms/vendor"...

CVE-2020-186467.5

Information Disclosure in NoneCMS v1.3 allows remote attackers to obtain sensitive information via the component "/public/index.ph...