High severity7.5OSV Advisory· Published Jan 23, 2018· Updated Jun 17, 2026
CVE-2018-6029
CVE-2018-6029
Description
The copy function in application/admin/controller/Article.php in NoneCms 1.3.0 allows remote attackers to access the content of internal and external network resources via Server Side Request Forgery (SSRF), because URL validation only considers whether the URL contains the "csdn" substring.
Affected products
2Patches
Vulnerability mechanics
References
1- blackwolfsec.cc/2018/01/23/Nonecms_ssrf/nvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.