Multiple Server-Side Request Forgery (SSRF) Vulnerabilities in Yeager CMS 1.2.1

CVE-2015-7570 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:P/A:N

Multiple server-side request forgery (SSRF) vulnerabilities in Yeager CMS 1.2.1 allow remote attackers to trigger outbound requests and enumerate open ports via the dbhost parameter to libs/org/adodb_lite/tests/test_adodb_lite.php, libs/org/adodb_lite/tests/test_datadictionary.php, or libs/org/adodb_lite/tests/test_adodb_lite_sessions.php.

Learn more about our Cis Benchmark Audit For Server Software.