CVE-2017-16614

CVE-2017-16614

SSRF (Server Side Request Forgery) in tpshop 2.0.5 and 2.0.6 allows remote attackers to obtain sensitive information, attack intranet hosts, or possibly trigger remote command execution via the plugins/payment/weixin/lib/WxPay.tedatac.php fBill parameter.

Source: CVE-2017-16614

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다