Server side request forgery (ssrf)

2009-05-0615:30:00

PRIOn knowledge base

www.prio-n.com

7.3 High

AI Score

Confidence

Low

0.007 Low

EPSS

Percentile

80.3%

JSON

Zakkis Technology ABC Advertise 1.0 does not properly restrict access to admin.inc.php, which allows remote attackers to obtain the administrator login name and password via a direct request.

CPENameOperatorVersion
abc_advertiseeq1.0

CPE	Name	Operator	Version
	abc_advertise	eq	1.0

References

exchange.xforce.ibmcloud.com/vulnerabilities/50183

www.exploit-db.com/exploits/8555