CVE-2024-25187 | 71cms 1.0.0 getweather.html server-side request forgery

Posted by Angelo Barbosa | Apr 2, 2024 | CVE

A vulnerability was found in 71cms 1.0.0. It has been classified as critical. Affected is an unknown function of the file getweather.html. The manipulation leads to server-side request forgery.

This vulnerability is traded as CVE-2024-25187. It is possible to launch the attack remotely. There is no exploit available.

CVE-2024-25187 | 71cms 1.0.0 getweather.html server-side request forgery

Related Posts

CVE-2024-30614 | Ametys CMS up to 4.5.0 information disclosure

CVE-2024-0050 | Google Android SoftVideoDecoderOMXComponent.cpp getConfig out-of-bounds write

CVE-2024-31469 | Aruba InstantOS/ArubaOS PAPI buffer overflow (ARUBA-PSA-2024-006)

CVE-2023-6200 | Linux Kernel up to 6.7-rc6 ICMPv6 Router Advertisement Packet race condition