4 matches found
CVE-2023-3236
A vulnerability classified as critical has been found in mccms up to 2.6.5. This affects the function picsave of the file sys/apps/controllers/admin/Comic.php. The manipulation of the argument pic leads to server-side request forgery. It is possible to initiate the attack remotely. The exploit ha...
Server side request forgery (ssrf)
A vulnerability classified as critical has been found in mccms up to 2.6.5. This affects the function picsave of the file sys/apps/controllers/admin/Comic.php. The manipulation of the argument pic leads to server-side request forgery. It is possible to initiate the attack remotely. The exploit ha...
CVE-2023-3236
The CVE-2023-3236 entry concerns mccms up to version 2.6.5, where the pic_save function in sys/apps/controllers/admin/Comic.php accepts a pic argument that can be manipulated to trigger server-side request forgery (SSRF). The vulnerability enables remote initiation and has public exploitation dis...
CVE-2023-3236 mccms Comic.php pic_save server-side request forgery
A vulnerability classified as critical has been found in mccms up to 2.6.5. This affects the function picsave of the file sys/apps/controllers/admin/Comic.php. The manipulation of the argument pic leads to server-side request forgery. It is possible to initiate the attack remotely. The exploit ha...