Vulnerabilities (CVE)

Filtered by vendor Zhiyun-tech Subscribe
Filtered by product Zhihuiyun
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2024-0649 1 Zhiyun-tech 1 Zhihuiyun 2024-11-21 6.5 MEDIUM 6.3 MEDIUM
A vulnerability was found in ZhiHuiYun up to 4.4.13 and classified as critical. This issue affects the function download_network_image of the file /app/Http/Controllers/ImageController.php of the component Search. The manipulation of the argument url leads to server-side request forgery. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-251375.