3 matches found
CVE-2024-0510
The CVE-2024-0510 issue affects HaoKeKeJi YiQiNiu up to version 3.1, specifically the http_post function in /application/pay/controller/Api.php. The root cause is improper handling of the url parameter, enabling server-side request forgery (SSRF). The vulnerability can be triggered remotely and h...
CVE-2024-0510 HaoKeKeJi YiQiNiu Api.php http_post server-side request forgery
A vulnerability, which was classified as critical, has been found in HaoKeKeJi YiQiNiu up to 3.1. Affected by this issue is the function httppost of the file /application/pay/controller/Api.php. The manipulation of the argument url leads to server-side request forgery. The attack may be launched...
CVE-2024-0510 HaoKeKeJi YiQiNiu Api.php http_post server-side request forgery
A vulnerability, which was classified as critical, has been found in HaoKeKeJi YiQiNiu up to 3.1. Affected by this issue is the function httppost of the file /application/pay/controller/Api.php. The manipulation of the argument url leads to server-side request forgery. The attack may be launched...