First published: Tue Sep 20 2022(Updated: )
A security issue was discovered in Z-BlogPHP <= 1.7.2. A Server-Side Request Forgery (SSRF) vulnerability in the zb_users/plugin/UEditor/php/action_crawler.php file allows remote attackers to force the application to make arbitrary requests via injection of arbitrary URLs into the source parameter.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Zblogcn Z-blogphp | <=1.7.2 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.