3 matches found
CVE-2024-0649
A vulnerability was found in ZhiHuiYun up to 4.4.13 and classified as critical. This issue affects the function downloadnetworkimage of the file /app/Http/Controllers/ImageController.php of the component Search. The manipulation of the argument url leads to server-side request forgery. The attack...
PT-2024-15716 · Zhihuiyun · Zhihuiyun
Name of the Vulnerable Software and Affected Versions: ZhiHuiYun versions up to 4.4.13 Description: A critical issue affects the function download network image of the file /app/Http/Controllers/ImageController.php of the component Search. The manipulation of the argument url leads to server-side...
ZhiHuiYun Code Issue Vulnerability
ZhiHuiYun is a smart campus solution from ZhiHuiYun. ZhiHuiYun 4.4.13 and earlier versions have a code issue vulnerability that stems from a server-side request forgery SSRF vulnerability in the parameter url of the downloadnetworkimage function in /app/Http/Controllers/ImageController.php...