CVE-2023-3235
CVE-2023-3235 affects mccms up to 2.6.5. The vulnerability lies in the pic_api function in sys/apps/controllers/admin/Comic.php, where manipulation of the url parameter enables server-side request forgery (SSRF) and can be triggered remotely. Public exploitation has been disclosed. Affected versi...