漏洞关键信息 Title: Eyoucms 1.7.7 SSRF Vulnerability Description: A Server-Side Request Forgery (SSRF) vulnerability was found in EyouCMS version 1.7.7 and earlier. The vulnerability exists in the image fetching functionality where user-supplied URLs are not properly validated before making server-side HTTP requests. This allows an authenticated attacker to send crafted requests that can reach internal network services or cloud metadata endpoints. The vulnerability requires user authentication to exploit. Source: https://note-hxlabs.wetolink.com/share/DeUFyoSksPPK User: pemic (UID 93604) Submission: 12/18/2025 08:14 AM (16 days ago) Moderation: 12/30/2025 7:46 PM (12 days later) Status: Accepted VulDB Entry: 339081 [EyouCMS up to 1.7.7 application/function.php saveRemote server-side request forgery] Points: 20