CVE-2022-31386
Published
CVSS v3
9.1
CRITICAL
CVSS v2
6.4
MEDIUM
Affected
1
PROJECT
Description
A Server-Side Request Forgery (SSRF) in the getFileBinary function of nbnbk cms 3 allows attackers to force the application to make arbitrary requests via injection of arbitrary URLs into the URL parameter.
基于thinkphp5的cms管理系统,B2C电商开源php商城系统平台,tp5开源cms,thinkphp企业网站源码,适合博客、中小企业建站二次开发。
GitHub