3 matches found
CVE-2024-48232
An issue was found in mipjz 5.0.5. In the mipPost method of \app\setting\controller\ApiAdminTool.php, the value of the postAddress parameter is not processed and is directly passed into curlexec execution and output, resulting in a Server-side request forgery SSRF vulnerability that can read serv...
mipjz 安全漏洞
mipjz is a content management system developed by sansanyun based on Baidu Mobile Accelerator MIP. A security vulnerability exists in mipjz version 5.0.5, which is caused by improper handling of the ICP parameter in appsettingcontrollerApiAdminSetting.php, which is susceptible to cross-site...
mipjz 跨站脚本漏洞
mipjz is sansanyun individual developers of a set of Baidu Mobile Accelerator MIP-based content management system . A security vulnerability exists in mipjz version v5.0.5, which stems from a stored cross-site scripting XSS vulnerability that allows an attacker to execute arbitrary web script or...