2 matches found
CVE-2022-41496
iCMS v7.0.16 was discovered to contain a Server-Side Request Forgery SSRF via the url parameter at admincp.php...
CVE-2022-41496
CVE-2022-41496 affects iCMS v7.0.16 with a Server-Side Request Forgery (SSRF) via the url parameter in admincp.php. CVSSv3.1 base score 9.8 (CRITICAL) — network access, no user interaction required. Connected documents confirm the SSRF issue; PT-2022 offers a workaround: avoid or restrict the url...