CVE-2022-40357 – A security issue was discovered in Z-BlogPHP <= 1.7.2. A Server-Side Request Forgery (S …

20 September 2022

Vuln ID: CVE-2022-40357

Published: 2022-09-20 21:15:11Z

Description: A security issue was discovered in Z-BlogPHP <= 1.7.2. A Server-Side Request Forgery (SSRF) vulnerability in the zb_users/plugin/UEditor/php/action_crawler.php file allows remote attackers to force the application to make arbitrary requests via injection of arbitrary URLs into the source parameter.

Source: NVD.NIST.GOV

Date:

20 September 2022

Categorie(s):

NVD

Tag(s):

NVD

New SSLoad Malware Combined With Tools Hijacking Entire Network Domain26 April 2024
Hackers Exploiting WP-Automatic Plugin Bug to Create Admin Accounts on WordPress Sites26 April 2024
Top 5 MSP Cyberattacks in 2023/202426 April 2024
Flaws in Chinese keyboard apps leave 750 million users open to snooping, researchers claim26 April 2024
Most people still rely on memory or pen and paper for password management26 April 2024