EUVD-2017-18216

Malware in sbrugna...

CVE-2025-5817

The Amazon Products to WooCommerce plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 1.2.7 via the wcta2wgeturls. This makes it possible for unauthenticated attackers to make web requests to arbitrary locations originating from the web...

CVE-2024-50811

hopetree izone lts c011b48 contains a server-side request forgery SSRF vulnerability in the active push function as \apps\tool\apis\bdpush.py does not securely filter user input through pushurls and geturls...

PT-2024-34420 · Unknown · Hopetree Izone Lts

Name of the Vulnerable Software and Affected Versions: hopetree izone lts version c011b48 Description: The issue is related to a server-side request forgery SSRF vulnerability in the active push function. This vulnerability occurs because the apps/tool/apis/bd push.py file does not securely filte...

CVE-2017-9280

Some NetIQ Identity Manager Applications before Identity Manager 4.5.6.1 included the session token in GET URLs, potentially allowing exposure of user sessions to untrusted third parties via proxies, referer urls or similar...

Code injection

Some NetIQ Identity Manager Applications before Identity Manager 4.5.6.1 included the session token in GET URLs, potentially allowing exposure of user sessions to untrusted third parties via proxies, referer urls or similar...