396 matches found
CVE-2022-34269
An issue was discovered in RWS WorldServer before 11.7.3. An authenticated, remote attacker can perform a ws-legacy/loaddtd?systemid= blind SSRF attack to deploy JSP code to the Apache Axis service running on the localhost interface, leading to command execution...
CVE-2022-24449
Solar appScreener through 3.10.4, when a valid license is not present, allows XXE and SSRF attacks via a crafted XML document...
CVE-2022-1239
The HubSpot WordPress plugin before 8.8.15 does not validate the proxy URL given to the proxy REST endpoint, which could allow users with the editposts capability by default contributor and above to perform SSRF attacks...
CVE-2022-1188
An issue has been discovered in GitLab CE/EE affecting all versions starting from 12.1 before 14.7.7, all versions starting from 14.8 before 14.8.5, all versions starting from 14.9 before 14.9.2 where a blind SSRF attack through the repository mirroring feature was possible...
CVE-2022-0136
A vulnerability was discovered in GitLab versions 10.5 to 14.5.4, 14.6 to 14.6.4, and 14.7 to 14.7.1. GitLab was vulnerable to a blind SSRF attack through the Project Import feature...
CVE-2021-21288
CarrierWave is an open-source RubyGem which provides a simple and flexible way to upload files from Ruby applications. In CarrierWave before versions 1.3.2 and 2.1.1 the download feature has an SSRF vulnerability, allowing attacks to provide DNS entries or IP addresses that are intended for...
CVE-2021-39497
eyoucms 1.5.4 lacks sanitization of input data, allowing an attacker to inject a url to trigger blind SSRF via the saveRemote function...
CVE-2021-43296
Zoho ManageEngine SupportCenter Plus before 11016 is vulnerable to an SSRF attack in ActionExecutor...
CVE-2021-42079
An authenticated administrator is able to prepare an alert that is able to execute an SSRF attack. This is exclusively with POST requests. POC Step 1: Prepare the SSRF with a request like this: GET /qstorapi/alertConfigSet?senderEmailAddress=a=BURPCOLLABHOST=25=a=1=1=1=1=1=1=1=http://=1=1=1=http:...
CVE-2020-25820
BigBlueButton before 2.2.7 allows remote authenticated users to read local files and conduct SSRF attacks via an uploaded Office document that has a crafted URL in an ODF xlink field...
CVE-2020-17513
In Apache Airflow versions prior to 1.10.13, the Charts and Query View of the old Flask-admin based UI were vulnerable for SSRF attack...
CVE-2018-1000825
FreeCol version = nightly-2018-08-22 contains a XML External Entity XXE vulnerability in FreeColXMLReader parser that can result in Disclosure of confidential data, denial of service, SSRF, port scanning. This attack appear to be exploitable via Freecol file...
CVE-2018-1000124
I Librarian I-librarian version 4.8 and earlier contains a XML External Entity XXE vulnerability in line 154 of importmetadata.phpsimplexmlloadstring that can result in an attacker reading the contents of a file and SSRF. This attack appear to be exploitable via posting xml in the Parameter...
CVE-2019-20872
An issue was discovered in Mattermost Server before 5.9.0, 5.8.1, 5.7.3, and 4.10.8. SSRF can attack local services...
CVE-2018-1000838
autopsy version = 4.9.0 contains a XML External Entity XXE vulnerability in CaseMetadata XML Parser that can result in Disclosure of confidential data, denial of service, SSRF, port scanning. This attack appear to be exploitable via Specially crafted CaseMetadata...
Security Bulletin: Vulnerabilities in Pivota Spring Framework, VMware Tanzu Spring Framework, VMware Spring Framework might affect IBM Storage Defender Copy Data Management.
Summary IBM Storage Defender Copy Data Management can be affected by vulnerabilities in Pivota Spring Framework, VMware Tanzu Spring Framework, VMware Spring Framework. Vulnerabilities include an attacker and remote attacker could exploit these vulnerabilities to execute arbitrary code on the...
RLSA-2024:4247 Moderate: libuv security update
libuv is a multi-platform support library with a focus on asynchronous I/O. Security Fixes: libuv: Improper Domain Lookup that potentially leads to SSRF attacks CVE-2024-24806 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related...
Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.10 : Python vulnerabilities (USN-7488-1)
The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7488-1 advisory. It was discovered that Python incorrectly handled parsing bracketed hosts. A remote attacker coul...
PT-2025-18685
Name of the Vulnerable Software and Affected Versions Stirling-PDF versions prior to 0.45.0 Description Stirling-PDF is a locally hosted web application that allows users to perform various operations on PDF files. The application is vulnerable to SSRF-induced arbitrary file read due to WeasyPrin...
PT-2025-29479 · Gnu · Snappy
Уязвимость библиотеки PHP Snappy связана с недостаточной проверкой запросов на стороне сервера. Эксплуатация уязвимости может позволить нарушителю, действующему удалённо, осуществить SSRF-атаку путем отправки специально созданного HTTP-запроса...