CVE-2025-10395 Magicblack MacCMS Scheduled Task col_url server-side request forgery

A vulnerability was found in Magicblack MacCMS 2025.1000.4050. Affected by this vulnerability is the function colurl of the component Scheduled Task Handler. Performing manipulation of the argument cjurl results in server-side request forgery. It is possible to initiate the attack remotely...

CVE-2025-10395 Magicblack MacCMS Scheduled Task col_url server-side request forgery

A vulnerability was found in Magicblack MacCMS 2025.1000.4050. Affected by this vulnerability is the function colurl of the component Scheduled Task Handler. Performing manipulation of the argument cjurl results in server-side request forgery. It is possible to initiate the attack remotely...

CVE-2025-10395

The CVE-2025-10395 entry concerns Magicblack MacCMS (version 2025.1000.4050) where the col_url function in the Scheduled Task Handler is vulnerable. The root cause is improper manipulation of the cjurl parameter, enabling server-side request forgery. This can be triggered remotely and could impac...

CVE-2025-10393

A flaw has been found in miurla morphic up to 0.4.5. This impacts the function fetchHtml of the file /api/advanced-search of the component HTTP Status Code 3xx Handler. This manipulation causes server-side request forgery. The attack is possible to be carried out remotely. The exploit has been...

CVE-2025-10393

A flaw has been found in miurla morphic up to 0.4.5. This impacts the function fetchHtml of the file /api/advanced-search of the component HTTP Status Code 3xx Handler. This manipulation causes server-side request forgery. The attack is possible to be carried out remotely. The exploit has been...

CVE-2025-10393 miurla morphic HTTP Status Code 3xx advanced-search fetchHtml server-side request forgery

A flaw has been found in miurla morphic up to 0.4.5. This impacts the function fetchHtml of the file /api/advanced-search of the component HTTP Status Code 3xx Handler. This manipulation causes server-side request forgery. The attack is possible to be carried out remotely. The exploit has been...

CVE-2025-10393

CVE-2025-10393 affects miurla morphic up to 0.4.5. The flaw resides in the fetchHtml function of the file /api/advanced-search in the HTTP Status Code 3xx Handler component, enabling server-side request forgery. The issue is exploitable remotely and is supported by published exploit information. ...

CVE-2025-10391

A security vulnerability has been detected in CRMEB up to 5.6.1. The impacted element is the function testOutUrl of the file app/services/out/OutAccountServices.php. The manipulation of the argument pushtokenurl leads to server-side request forgery. Remote exploitation of the attack is possible...

CVE-2025-10391 CRMEB OutAccountServices.php testOutUrl server-side request forgery

A security vulnerability has been detected in CRMEB up to 5.6.1. The impacted element is the function testOutUrl of the file app/services/out/OutAccountServices.php. The manipulation of the argument pushtokenurl leads to server-side request forgery. Remote exploitation of the attack is possible...

CVE-2025-10391

CRMEB up to 5.6.1 is affected by a server-side request forgery in the testOutUrl function (app/services/out/OutAccountServices.php) via manipulating the push_token_url argument. This allows remote exploitation and has been publicly disclosed; vendor response is absent. Remediation: upgrade to a f...

CVE-2025-10391 CRMEB OutAccountServices.php testOutUrl server-side request forgery

A security vulnerability has been detected in CRMEB up to 5.6.1. The impacted element is the function testOutUrl of the file app/services/out/OutAccountServices.php. The manipulation of the argument pushtokenurl leads to server-side request forgery. Remote exploitation of the attack is possible...

PT-2025-37404

Name of the Vulnerable Software and Affected Versions: miurla morphic versions prior to 0.4.5 Description: A flaw has been found in miurla morphic. This impacts the fetchHtml function of the file /api/advanced-search of the component HTTP Status Code 3xx Handler, causing server-side request...

PT-2025-37406

Name of the Vulnerable Software and Affected Versions: Magicblack MacCMS version 2025.1000.4050 Description: A server-side request forgery issue exists in the col url function of the Scheduled Task Handler component. Manipulation of the cjurl argument can trigger the issue, allowing for remote...

PT-2025-37408

Name of the Vulnerable Software and Affected Versions: Magicblack MacCMS version 2025.1000.4050 Description: A vulnerability exists in Magicblack MacCMS 2025.1000.4050, specifically within the API Handler component. Manipulation of the cjurl argument can lead to server-side request forgery SSRF...

PT-2025-37430

Name of the Vulnerable Software and Affected Versions: SourceCodester Link Status Checker version 1.0 Description: A security issue exists in SourceCodester Link Status Checker 1.0, affecting unknown code within the index.php file. Manipulation of the proxy argument can lead to server-side reques...

SourceCodester Link Status Checker 代码问题漏洞

SourceCodester Link Status Checker is an open source link status checker from SourceCodester. A code issue vulnerability exists in version 1.0 of SourceCodester Link Status Checker, which stems from an incorrect manipulation of the parameter proxy in the file index.php, which could lead to...

Morphic 代码问题漏洞

Morphic is an artificial intelligence search engine with a generative user interface by the individual developer Yoshiki Miura. A code issue vulnerability exists in Morphic version 0.4.5 and earlier, which stems from a flaw in the fetchHtml function of the /api/advanced-search file in the HTTP...

maccms10 代码问题漏洞

maccms10 is magicblack open source PHP+MYSQL environment using a set of perfect and powerful rapid site building system. maccms10 2025.1000.4050 version of the code problem vulnerabilities. A code issue vulnerability exists in maccms10 version 2025.1000.4050, which stems from the incorrect...

maccms10 代码问题漏洞

maccms10 is magicblack open source a set of PHP + MYSQL environment running under the perfect and powerful rapid site-building system. maccms10 2025.1000.4050 version of the code problem vulnerabilities. A code issue vulnerability exists in maccms10 version 2025.1000.4050, which stems from...

PT-2025-37402

Name of the Vulnerable Software and Affected Versions: CRMEB versions prior to 5.6.1 Description: A security issue exists in CRMEB that allows for server-side request forgery. The testOutUrl function within the app/services/out/OutAccountServices.php file is affected. Manipulation of the push tok...