Server side request forgery (ssrf)

In Camaleon CMS, versions 2.1.2.0 to 2.6.0, are vulnerable to Server-Side Request Forgery SSRF in the media upload feature, which allows admin users to fetch media files from external URLs but fails to validate URLs referencing to localhost or other internal servers. This allows attackers to read...

Cisco DNA Center Information Disclosure Vulnerability (CNVD-2021-05393)

Cisco DNA Center is the network management and command center for Cisco DNA. An information disclosure vulnerability exists in the Configuration Archiving feature in Cisco DNA Center versions prior to 2.1.2.0. The vulnerability stems from the fact that configuration archive files are stored in...