Vulnerability Key Information Title: Eyoucms 1.7.7 SSRF Vulnerability Description: A Server-Side Request Forgery (SSRF) vulnerability was discovered in EyouCMS version 1.7.7 and earlier. The vulnerability resides in the image fetching functionality, where user-supplied URLs are not adequately validated before initiating server-side HTTP requests. This enables an authenticated attacker to craft malicious requests that can access internal network services or cloud metadata endpoints. Exploitation of this vulnerability requires user authentication. Source: https://note-hxlabs.wetolink.com/share/DeUFyoSksPPK User: pemic (UID 93604) Submission: 12/18/2025 08:14 AM (16 days ago) Moderation: 12/30/2025 7:46 PM (12 days later) Status: Accepted VulDB Entry: 339081 [EyouCMS up to 1.7.7 application/function.php saveRemote server-side request forgery] Points: 20