{"vulnerability": "ghsa-qr7h-8pv2-xvx2", "sightings": [{"uuid": "29fc9334-7a09-4e86-a503-01c807262a44", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "GHSA-QR7H-8PV2-XVX2", "type": "seen", "source": "https://t.me/arpsyndicate/811", "content": "#ExploitObserverAlert\n\nGHSA-qr7h-8pv2-xvx2\n\nDESCRIPTION: Exploit Observer has 1 entries related to GHSA-QR7H-8PV2-XVX2. ** UNSUPPPORTED WHEN ASSIGNED ** ** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as critical, was found in yuan1994 tpAdmin 1.3.12. Affected is the function remote of the file application\\admin\\controller\\Upload.php. The manipulation of the argument url leads to server-side request forgery. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-225408. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.\n\nGHSS: 4.9", "creation_timestamp": "2023-11-30T09:33:11.000000Z"}]}