A vulnerability was found in ShopXO up to 6.1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file extend/base/Uploader.php. The manipulation of the argument source leads to server-side request forgery. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-270367. NOTE: The original disclosure confuses CSRF with SSRF.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: VulDB
Published: 2024-07-05T12:00:06.218Z
Updated: 2024-08-01T21:41:03.538Z
Reserved: 2024-07-05T04:50:36.117Z
Link: CVE-2024-6524
Vulnrichment
Updated: 2024-08-01T21:41:03.538Z
NVD
Status : Analyzed
Published: 2024-07-05T12:15:02.090
Modified: 2024-07-08T15:33:01.377
Link: CVE-2024-6524
Redhat
No data.