CVE-2024-48232

An issue was found in mipjz 5.0.5. In the mipPost method of \app\setting\controller\ApiAdminTool.php, the value of the postAddress parameter is not processed and is directly passed into curlexec execution and output, resulting in a Server-side request forgery SSRF vulnerability that can read serv...

mipjz 安全漏洞

mipjz is a content management system based on Baidu Mobile Accelerator MIP developed by sansanyun individual developer. A security vulnerability exists in mipjz version 5.0.5, which originates from the mipPost method in appsettingcontrollerApiAdminTool.php that improperly handles the postAddress...