CVE-2025-5510 – Shiyi-Blog Remote Server-Side Request Forgery (SSRF) Vulnerability

June 3, 2025

CVE ID : CVE-2025-5510

Published : June 3, 2025, 5:15 p.m. | 2 hours, 15 minutes ago

Description : A vulnerability classified as critical was found in quequnlong shiyi-blog up to 1.2.1. This vulnerability affects unknown code of the file /app/sys/article/optimize. The manipulation of the argument url leads to server-side request forgery. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Severity: 6.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-30360 – Webpack-dev-server Cross-site WebSocket Hijacking Vulnerability

Next Article CVE-2025-5511 – “Quequnlong Shiyi-Blog Remote Unauthorized File Access Vulnerability”

How To Prevent WordPress SQL Injection Attacks

This week in AI dev tools: Apple’s Foundations Model framework, Mistral’s first reasoning model, and more (June 13, 2025)

Open Talent platforms emerging to match skilled workers to needs, study finds

Java never goes out of style: Celebrating 30 years of the language

OneDrive for Mac will soon give you more flexible storage options

From The Editor’s Desk — new Windows Central community features, we’d like to hear from you!

New code strings attached to Xbox Game Pass suggests a price increase may be imminent

This could be the versatile laptop accessory I’ve been waiting for — Here’s why it stands out from other portable monitors

Worker Threads in Node.js: A Complete Guide for Multithreading in JavaScript

Worker Threads in Node.js: A Complete Guide for Multithreading in JavaScript

Everybody’s gone lintin’

QAQ-QQ-AI-QUEST

OneDrive for Mac will soon give you more flexible storage options

OneDrive for Mac will soon give you more flexible storage options

From The Editor’s Desk — new Windows Central community features, we’d like to hear from you!

New code strings attached to Xbox Game Pass suggests a price increase may be imminent

CVE-2025-5510 – Shiyi-Blog Remote Server-Side Request Forgery (SSRF) Vulnerability

Ransomware Gangs Exploit Unpatched SimpleHelp Flaws to Target Victims with Double Extortion

Grafana Alert: Medium-Severity Flaw (CVE-2025-3415) Exposes DingDing API Keys

Key Factors to Consider Before Hiring React Native Developers for Your Project🔍

Exclusive Talk: Joey Conway of NVIDIA on Llama Nemotron Ultra and Open Source Models

An iPad can’t run macOS, but it can run… Windows 11?

Empowering Businesses with Autonomous AI Agent Development🚀

Chargebee Starter Kit for Billing in Laravel

Bungie reveals Marathon gameplay, sets release date for later this year across Xbox, PC, and PlayStation

CVE-2025-4313 – SourceCodester Advanced Web Store SQL Injection Vulnerability

CVE-2024-32499 – Newforma Project Center Server Remote Code Execution Vulnerability

CVE-2025-5510 – Shiyi-Blog Remote Server-Side Request Forgery (SSRF) Vulnerability

Related Posts