CVE-2024-0304
08.01.2024, 08:15
A vulnerability has been found in Youke365 up to 1.5.3 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /app/api/controller/collect.php. The manipulation of the argument url leads to server-side request forgery. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-249871.
Vendor | Product | Version |
---|---|---|
youke365 | youke_365 | 1.5.0 ≤ 𝑥 ≤ 1.5.3 |
𝑥
= Vulnerable software versions