394 matches found

GithubExploit
added 2022/10/20 3:11 a.m. · 454 views

Exploit for Server-Side Request Forgery in Microsoft

CVE-2022-41040-metasploit-ProxyNotShell the metasploit script...

8.8 CVSS · 8.9 AI score · 0.99945 EPSS
Exploits 9
Prion
added 2022/10/18 6:15 a.m. · 11 views

Server side request forgery (ssrf)

RAVA certificate validation system has inadequate filtering for URL parameter. An unauthenticated remote attacker can perform an SSRF attack to discover internal network topology based on query response...

5 CVSS · 5.5 AI score · 0.0041 EPSS
Exploits 0 · References 1 · Affected Software 1
Positive Technologies
added 2022/10/10 12:00 a.m. · 4 views

PT-2022-6444 · Nokia · Nokia Netact

Name of the Vulnerable Software and Affected Versions: Nokia NetAct versions prior to 22 FP2211 Description: An XXE issue was discovered in Nokia NetAct via an XML document to a Performance Manager page, where input validation and a proper XML parser configuration are missing. This could allow an...

6.8 CVSS · 6.5 AI score · 0.00486 EPSS
Exploits 0 · References 6
CERT
added 2022/10/03 12:00 a.m. · 723 views

Microsoft Exchange vulnerable to server-side request forgery and remote code execution.

Overview Microsoft Exchange Server 2019, Exchange Server 2016 and Exchange Server 2013 are vulnerable to a server-side request forgery SSRF attack and remote code execution. An authenticated attacker can use the combination of these two vulnerabilities to elevate privileges and execute arbitrary...

8.8 CVSS · 9.4 AI score · 0.99964 EPSS
Exploits 16 · References 6
CNVD
added 2022/09/26 12:00 a.m. · 36 views

Apache XML Graphics Batik Server-Side Request Forgery Vulnerability

Apache XML Graphics Batik is a Java-based application from the Apache Foundation that is primarily used to process images in SVG format. Apache XML Graphics Batik is vulnerable to server-side request forgery, which is caused by a flaw in the DefaultScriptSecurity function. An attacker could exploi...

1.9 AI score · 0.06147 EPSS
Exploits 1 · Affected Software 1
EUVD
added 2022/09/06 8:44 p.m. · 5 views

EUVD-2022-6838

Gluu Oxauth before v4.4.1 allows attackers to execute blind SSRF Server-Side Request Forgery attacks via a crafted requesturi parameter...

9.8 CVSS · 9.2 AI score · 0.01908 EPSS
Exploits 2 · References 6
IBM Security Bulletins
added 2022/08/30 4:22 p.m. · 44 views

Security Bulletin: IBM TRIRIGA Application Platform discloses CVE-2020-11987

Summary IBM TRIRIGA Application Platform discloses CVE-2020-11987 Vulnerability Details CVEID: CVE-2020-11987 DESCRIPTION: Apache XML Graphics Batik is vulnerable to server-side request forgery, caused by improper input validation by the NodePickerPanel. By using a specially-crafted argument, an...

8.2 CVSS · 7.8 AI score · 0.13635 EPSS
Exploits 0 · Affected Software 1
IBM Security Bulletins
added 2022/08/13 3:19 p.m. · 68 views

Security Bulletin: Vulnerabilities in vCenter affect IBM Cloud Pak System (CVE-2021-21980, CVE-2021-22049)

Summary Vulnerabilities have been found in VMware vCenter. vCenter is shipped with Cloud Pak System. Cloud Pak System has addressed these vulnerabilities. Vulnerability Details CVEID: CVE-2021-21980 DESCRIPTION: VMware vCenter Server could allow a remote attacker to obtain sensitive information,...

10 CVSS · 9.7 AI score · 0.99999 EPSS
Exploits 348 · Affected Software 1
IBM Security Bulletins
added 2022/07/26 6:38 a.m. · 41 views

Security Bulletin: Multiple vulnerabilities affect IBM Engineering Test Management product due to XStream

Summary IBM Engineering Test Management is vulnerable to arbitrary code execution due to XStream. CVE-2021-21342, CVE-2021-21350, CVE-2021-21346, CVE-2021-21349, CVE-2021-21341, CVE-2021-21345, CVE-2021-21348, CVE-2021-21344, CVE-2021-21347, CVE-2021-21343, CVE-2021-21351 Vulnerability Details...

9.9 CVSS · 9.2 AI score · 0.82552 EPSS
Exploits 10 · Affected Software 2
NVD
added 2022/07/20 2:15 a.m. · 13 views

CVE-2022-32457

Digiwin BPM has inadequate filtering for URL parameter. An unauthenticated remote attacker can perform a Blind SSRF attack to discover internal network topology based on URL error response...

5.3 CVSS · 0.00652 EPSS
Exploits 0 · References 2
Prion
added 2022/07/20 2:15 a.m. · 17 views

Server side request forgery (ssrf)

Digiwin BPM has inadequate filtering for URL parameter. An unauthenticated remote attacker can perform a Blind SSRF attack to discover internal network topology based on URL error response...

5 CVSS · 5.5 AI score · 0.00652 EPSS
Exploits 0 · References 2 · Affected Software 1
Cvelist
added 2022/07/20 2:01 a.m. · 28 views

CVE-2022-32457 Data Systems Consulting Co., Ltd. BPM - Blind Server-Side Request Forgery (SSRF)

Digiwin BPM has inadequate filtering for URL parameter. An unauthenticated remote attacker can perform a Blind SSRF attack to discover internal network topology based on URL error response...

5.3 CVSS · 5.7 AI score · 0.00652 EPSS
Exploits 0 · References 2
NVD
added 2022/06/30 6:15 a.m. · 23 views

CVE-2022-26135

A vulnerability in Mobile Plugin for Jira Data Center and Server allows a remote, authenticated user including a user who joined via the sign-up feature to perform a full read server-side request forgery via a batch endpoint. This affects Atlassian Jira Server and Data Center from version 8.0.0...

6.5 CVSS · 0.71169 EPSS
Exploits 1 · References 3
Veracode
added 2022/06/02 3:43 a.m. · 19 views

Server-side Request Forgery (SSRF)

github.com/gogs/gogs is vulnerable to server-side request forgery. The vulnerability exists because the isLocalHostname function of webhook.go does not properly validate the IP addresses before redirect, allowing an attacker to gain access to response data by making an HTTP request to untrusted U...

6.5 CVSS · 6.4 AI score · 0.01193 EPSS
Exploits 1 · References 5 · Affected Software 2
Github Security Blog
added 2022/05/24 5:10 p.m. · 27 views

XXE vulnerability in Rundeck Plugin

Rundeck Plugin 3.6.6 and earlier does not configure its XML parser to prevent XML external entity XXE attacks. This allows a user with Overall/Read access to have Jenkins parse a crafted HTTP request with XML data that uses external entities for extraction of secrets from the Jenkins controller o...

7.1 CVSS · 6.6 AI score · 0.01081 EPSS
Exploits 0 · References 5 · Affected Software 1
CNVD
added 2022/05/18 12:00 a.m. · 31 views

Aruba ClearPass Policy Manager Server-Side Request Forgery Vulnerability

Aruba ClearPass Policy Manager is an application of Aruba, Inc. that provides a wireless network security access management system. Aruba ClearPass Policy Manager is vulnerable to server-side request forgery, which can be exploited by remote, unauthenticated attackers to conduct server-side request...

4.9 CVSS · 3.9 AI score · 0.00895 EPSS
Exploits 0 · References 1
Prion
added 2022/05/16 3:15 p.m. · 14 views

Server side request forgery (ssrf)

The External Media without Import WordPress plugin through 1.1.2 does not have any authorisation and does not ensure that media added via URLs are external media, which could allow any authenticated user, such as a subscriber, to perform blind SSRF attacks...

4 CVSS · 6.3 AI score · 0.02878 EPSS
Exploits 1 · References 1 · Affected Software 1
OSV
added 2022/05/14 3:14 a.m. · 6 views

GHSA-44VV-MM86-7CG6 phpMyAdmin server-side request forgery (SSRF)

The setup script for phpMyAdmin before 4.0.10.19, 4.4.x before 4.4.15.10, and 4.6.x before 4.6.6 allows remote attackers to conduct server-side request forgery SSRF attacks via unspecified vectors...

8.6 CVSS · 8.9 AI score · 0.01943 EPSS
Exploits 0 · References 4
OSV
added 2022/05/14 1:17 a.m. · 20 views

GHSA-VJXX-54VW-Q59F Moodle SSRF Vulnerability

The editblog.php script allows a registered user to add external RSS feed resources. It was identified that this feature could be abused to be used as a SSRF attack vector by adding a malicious URL/TCP PORT in order to target internal network or an internet hosted server, bypassing firewall rules...

7.5 CVSS · 7.3 AI score · 0.01201 EPSS
Exploits 0 · References 6
Github Security Blog
added 2022/05/14 1:17 a.m. · 21 views

Moodle SSRF Vulnerability

The editblog.php script allows a registered user to add external RSS feed resources. It was identified that this feature could be abused to be used as a SSRF attack vector by adding a malicious URL/TCP PORT in order to target internal network or an internet hosted server, bypassing firewall rules...

7.5 CVSS · 7.3 AI score · 0.01201 EPSS
Exploits 0 · References 6 · Affected Software 1