CVE-2025-0480 | wuzhicms 4.1.0 config.php test sphinxhost/sphinxport server-side request forgery

Inserito da Angelo Barbosa | Gen 15, 2025 | CVE

A vulnerability classified as problematic has been found in wuzhicms 4.1.0. This affects the function test of the file coreframe/app/search/admin/config.php. The manipulation of the argument sphinxhost/sphinxport leads to server-side request forgery.

This vulnerability is uniquely identified as CVE-2025-0480. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

CVE-2025-0480 | wuzhicms 4.1.0 config.php test sphinxhost/sphinxport server-side request forgery

Post correlati

CVE-2024-44761 | EQ Enterprise Management System up to 1.x Requests path traversal

CVE-2021-47324 | Linux Kernel up to 5.13.3 watchdog wdt_startup use after free

CVE-2024-40530 | Pantera CRM 401.152/402.072 Header X-Forwarded-For permission

CVE-2024-46213 | REDAXO CMS 2.11.0 Privilege Escalation