2 matches found
EUVD-2025-206693
Tiny File Manager through 2.6 contains a server-side request forgery SSRF vulnerability in the URL upload feature. Due to insufficient validation of user-supplied URLs, an attacker can send crafted requests to localhost by using http://www.127.0.0.1.example.com/ or a similarly constructed domain...
Shopware 代码问题漏洞
Shopware is a suite of open source e-commerce software from the German company Shopware. versions of Shopware prior to 6.4.3.1 are vulnerable to a code issue that allows an authenticated attacker to upload files via URL to trigger server-side request forgery. No detailed vulnerability details are...