Lucene search

4 matches found

RedhatCVE
added 2026/04/27 1:22 p.m., 4 views

CVE-2026-7025

A vulnerability was found in Typecho up to 1.3.0. This vulnerability affects the function Service::sendPingHandle of the file var/Widget/Service.php of the component Ping Back Service Endpoint. The manipulation of the argument X-Pingback/link results in server-side request forgery. The attack may...

CVSS: 7.5, AI score: 7, EPSS: 0.00278
Exploits: 0, References: 1
CVE
added 2026/04/26 7:00 a.m., 13 views

CVE-2026-7025

Typecho up to 1.3.0 is affected by a server-side request forgery in the Ping Back Service Endpoint: the function Service::sendPingHandle (var/Widget/Service.php). The X-Pingback/link parameter manipulation triggers SSRF, enabling remote access. Exploit publicly available; vendor not responsive to...

CVSS: 7.5, AI score: 7, EPSS: 0.00278
Exploits: 0, References: 4
Cvelist
added 2026/04/26 7:00 a.m., 38 views

CVE-2026-7025 Typecho Ping Back Service Endpoint Service.php sendPingHandle server-side request forgery

A vulnerability was found in Typecho up to 1.3.0. This vulnerability affects the function Service::sendPingHandle of the file var/Widget/Service.php of the component Ping Back Service Endpoint. The manipulation of the argument X-Pingback/link results in server-side request forgery. The attack may...

CVSS: 7.5, EPSS: 0.00278
Exploits: 0, References: 4
CNNVD
added 2026/04/26 12:00 a.m., 11 views

Typecho code issue vulnerability

Typecho is a PHP blog platform developed by individual Typecho developers. It is simple yet powerful. Typecho versions 1.3.0 and earlier had code vulnerabilities. These vulnerabilities stemmed from improper handling of the X-Pingback/link parameter in the Service::sendPingHandle function with...

CVSS: 7.5, AI score: 7.2, EPSS: 0.00278
Exploits: 0, References: 2