2 matches found
Tpshop <= 2.0.6 Server Side Request Forgery Vulnerability
Exploit for php platform in category web applications SSRF(Server Side Request Forgery) in Tpshop = 2.0.6 CVE-2017-16614 The Tpshop open source mall system is a multi-merchant mode mall system developed by Shenzhen Leopard Network Co., Ltd.This system is based on the Thinkphp development framewor...
CVE-2017-16614
CVE-2017-16614 describes an SSRF vulnerability in Tpshop (versions 2.0.5 and 2.0.6) affecting the fBill parameter in the WxPay.tedatac.php path (plugins/payment/weixin/lib/). An attacker could remotely trigger requests that may leak sensitive information, probe internal/intranet hosts, or potenti...