Medium severity6.3NVD Advisory· Published Jan 8, 2024· Updated Jun 17, 2026
CVE-2024-0304
CVE-2024-0304
Description
A vulnerability has been found in Youke365 up to 1.5.3 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /app/api/controller/collect.php. The manipulation of the argument url leads to server-side request forgery. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-249871.
Affected products
2Patches
Vulnerability mechanics
References
3- vuldb.comnvdPermissions RequiredThird Party Advisory
- vuldb.comnvdThird Party Advisory
- note.zhaoj.in/share/3jF3Xpl3ttlZnvdBroken Link
News mentions
0No linked articles in our index yet.