CVE-2015-7570

Multiple server-side request forgery (SSRF) vulnerabilities in Yeager CMS 1.2.1 allow remote attackers to trigger outbound requests and enumerate open ports via the dbhost parameter to libs/org/adodb_lite/tests/test_adodb_lite.php, libs/org/adodb_lite/tests/test_datadictionary.php, or libs/org/adodb_lite/tests/test_adodb_lite_sessions.php.
Configurations

Configuration 1 (hide)

cpe:2.3:a:yeager:yeager_cms:1.2.1:*:*:*:*:*:*:*

History

No history.

Information

Published : 2017-04-24 18:59

Updated : 2024-02-28 15:44


NVD link : CVE-2015-7570

Mitre link : CVE-2015-7570

CVE.ORG link : CVE-2015-7570


JSON object : View

Products Affected

yeager

  • yeager_cms
CWE
CWE-918

Server-Side Request Forgery (SSRF)