Vulnerabilities > CVE-2018-13790 - Server-Side Request Forgery (SSRF) vulnerability in Concretecms Concrete CMS 8.2.0
Attack vector
NETWORK Attack complexity
LOW Privileges required
SINGLE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
A Server Side Request Forgery (SSRF) vulnerability in tools/files/importers/remote.php in concrete5 8.2.0 can lead to attacks on the local network and mapping of the internal network, because of URL functionality on the File Manager page.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |