145 matches found
CVE-2020-10252
An issue was discovered in ownCloud before 10.4. Because of an SSRF issue via the apps/filessharing/external remote parameter, an authenticated attacker can interact with local services blindly aka Blind SSRF or conduct a Denial Of Service attack...
CVE-2020-10252
An issue was discovered in ownCloud before 10.4. Because of an SSRF issue via the apps/filessharing/external remote parameter, an authenticated attacker can interact with local services blindly aka Blind SSRF or conduct a Denial Of Service attack...
Server side request forgery (ssrf)
An issue was discovered in ownCloud before 10.4. Because of an SSRF issue via the apps/filessharing/external remote parameter, an authenticated attacker can interact with local services blindly aka Blind SSRF or conduct a Denial Of Service attack...
CVE-2020-10252
An issue was discovered in ownCloud before 10.4. Because of an SSRF issue via the apps/filessharing/external remote parameter, an authenticated attacker can interact with local services blindly aka Blind SSRF or conduct a Denial Of Service attack...
UBUNTU-CVE-2021-23961
Further techniques that built on the slipstream research combined with a malicious webpage could have exposed both an internal network's hosts as well as services running on the user's local machine. This vulnerability affects Firefox 85...
CVE-2021-23961
Further techniques that built on the slipstream research combined with a malicious webpage could have exposed both an internal network's hosts as well as services running on the user's local machine. This vulnerability affects Firefox 85...
DEBIAN-CVE-2020-26978
Using techniques that built on the slipstream research, a malicious webpage could have exposed both an internal network's hosts as well as services running on the user's local machine. This vulnerability affects Firefox 84, Thunderbird 78.6, and Firefox ESR 78.6...
CVE-2020-26978
Using techniques that built on the slipstream research, a malicious webpage could have exposed both an internal network's hosts as well as services running on the user's local machine. This vulnerability affects Firefox 84, Thunderbird 78.6, and Firefox ESR 78.6...
Mozilla: Internal network hosts could have been probed by a malicious webpage
The Mozilla Foundation Security Advisory describes this flaw as: Using techniques that built on the slipstream research, a malicious webpage could have exposed both an internal network's hosts as well as services running on the user's local machine...
Mozilla: Internal network hosts could have been probed by a malicious webpage
The Mozilla Foundation Security Advisory describes this flaw as: Using techniques that built on the slipstream research, a malicious webpage could have exposed both an internal network's hosts as well as services running on the user's local machine...
CVE-2020-26978
The Mozilla Foundation Security Advisory describes this flaw as: Using techniques that built on the slipstream research, a malicious webpage could have exposed both an internal network's hosts as well as services running on the user's local machine...
UBUNTU-CVE-2020-26978
Using techniques that built on the slipstream research, a malicious webpage could have exposed both an internal network's hosts as well as services running on the user's local machine. This vulnerability affects Firefox 84, Thunderbird 78.6, and Firefox ESR 78.6...
OFFPORT_KILLER - This Tool Aims At Automating The Identification Of Potential Service Running Behind Ports Identified Manually Either Through Manual Scan Or Services Running Locally
Manual Port Scanning Enumerate Potential Service If you like the tool and for my personal motivation so as to develop other tools please a +1 star INTRO This tool aims at automating the identification of potential service running behind ports identified manually or on services running locally onl...
Server side request forgery (ssrf)
An issue was discovered in Mattermost Server before 5.9.0, 5.8.1, 5.7.3, and 4.10.8. SSRF can attack local services...
CVE-2020-8555
The Kubernetes kube-controller-manager in versions v1.0-1.14, versions prior to v1.15.12, v1.16.9, v1.17.5, and version v1.18.0 are vulnerable to a Server Side Request Forgery SSRF that allows certain authorized users to leak up to 500 bytes of arbitrary information from unprotected endpoints...
Concrete CMS: SSRF bypass
This simply describes a bypass for report at https://hackerone.com/reports/243865, using a decimal notation encoded IP address 0177.0.0.1 currently bypasses the limitations in place for localhost. crayons re-submitting report including "magic" string Concrete5 version used is 8.5.2 Impact...
Nextcloud server server-side request forgery vulnerability
Nextcloud is a client-server software suite for creating network hard disks. A server-side request forgery vulnerability exists in Nextcloud Server 16.0.1. An attacker could use this vulnerability to detect local and remote services when adding a new subscription in the Calendar application...
CVE-2020-8118
An authenticated server-side request forgery in Nextcloud server 16.0.1 allowed to detect local and remote services when adding a new subscription in the calendar application...
Server side request forgery (ssrf)
An authenticated server-side request forgery in Nextcloud server 16.0.1 allowed to detect local and remote services when adding a new subscription in the calendar application...
Server-Side request forgery in New-Subscription feature of the calendar app (NC-SA-2019-014)
An authenticated server-side request forgery in Nextcloud server 16.0.1 allowed to detect local and remote services when adding a new subscription in the calendar application...