CVE-2024-13195 | donglight bookstore电商书城系统说明 1.0.0 HttpUtil.java getHtml url server-side request forgery

Posted by Angelo Barbosa | Jan 8, 2025 | CVE

A vulnerability was found in donglight bookstore电商书城系统说明 1.0.0. It has been classified as critical. This affects the function getHtml of the file src/main/java/org/zdd/bookstore/rawl/HttpUtil.java. The manipulation of the argument url leads to server-side request forgery.

This vulnerability is uniquely identified as CVE-2024-13195. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

CVE-2024-13195 | donglight bookstore电商书城系统说明 1.0.0 HttpUtil.java getHtml url server-side request forgery

Related Posts

CVE-2024-11949 | GFI Archiver Store Service deserialization (ZDI-24-1672)

CVE-2023-40819 | ID4Portais prior 2022.837.002a Message Parameter cross site scripting

CVE-2024-1761 | WP Chat App Plugin up to 3.6.1 on WordPress Block Attribute cross site scripting

CVE-2024-42496 | Techno Support Company Smart-tab Android App credentials storage