CVE-2015-7570

Multiple server-side request forgery (SSRF) vulnerabilities in Yeager CMS 1.2.1 allow remote attackers to trigger outbound requests and enumerate open ports via the dbhost parameter to libs/org/adodb_lite/tests/test_adodb_lite.php, libs/org/adodb_lite/tests/test_datadictionary.php, or libs/org/adodb_lite/tests/test_adodb_lite_sessions.php.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

cpe:2.3:a:yeager:yeager_cms:1.2.1:*:*:*:*:*:*:*

Information

Published : 2017-04-24 11:59

Updated : 2018-10-09 12:58


NVD link : CVE-2015-7570

Mitre link : CVE-2015-7570


JSON object : View

CWE
CWE-918

Server-Side Request Forgery (SSRF)

Advertisement

dedicated server usa

Products Affected

yeager

  • yeager_cms