WordPress Plugin affiliate-toolkit Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed using the PHP language, which supports personal blog sites on PHP and MySQL servers.WordPress plugin is an...

Audiobookshelf Code Issue Vulnerability

Audiobookshelf is a self-hosted audiobook and podcast server from audiobookshelf open source. A code issue vulnerability exists in Audiobookshelf versions prior to 2.7.0, which stems from a Server Request Forgery SSRF vulnerability in Auth.js...

Audiobookshelf Code Issue Vulnerability

Audiobookshelf is audiobookshelf open source a self-hosted audiobook and podcast server. A code issue vulnerability exists in Audiobookshelf versions prior to 2.7.0, which stems from a server request forgery SSRF vulnerability in podcastUtils.js...

automad Code Issues Vulnerabilities

automad is a flat file content management system and template engine. A code issue vulnerability exists in automad 1.10.9 and earlier versions, which stems from a Server Request Forgery SSRF vulnerability in the function import in the file FileController.php...

Bazarr Code Issue Vulnerability

Bazarr is a software from Bazarr, a companion application to Sonarr and Radarr that manages and downloads subtitles according to your requirements. A code issue vulnerability exists in Bazarr version 1.2.4, which stems from a Server Request Forgery SSRF vulnerability in the file...

EspoCRM Code Issues Vulnerabilities

EspoCRM is an open source web-based customer relationship management CRM system. The system provides features such as sales automation, community and customer support. A code issue vulnerability exists in EspoCRM 8.0.2 and prior versions that stems from the presence of a Server Request Forgery SS...

UBUNTU-CVE-2022-45592

1 Server Side Request Forgery SSRF, 2 persistant Cross site scripting XSS, and 3 File upload vulnerability...

GHSA-QW4H-3XJJ-84CC Apache Tiles: Unvalidated input may lead to path traversal and XXE

The value set as the DefaultLocaleResolver.LOCALEKEY attribute on the session was not validated while resolving XML definition files, leading to possible path traversal and eventually SSRF/XXE when passing user-controlled data to this key. Passing user-controlled data to this key may be relativel...

Trellix Enterprise Security Manager Code Issue Vulnerability

Trellix Enterprise Security Manager is an application from American FireEye Trellix, Inc. for real-time monitoring and analysis enables you to quickly prioritize, investigate and respond to hidden threats. A code issue vulnerability exists in Trellix Enterprise Security Manager versions prior to...

PublicCMS Security Vulnerabilities

PublicCMS is an open source content management system CMS written in Java by PublicCMS China. A security vulnerability exists in PublicCMS version v.4.0.202302.e, which stems from the presence of a Server Request Forgery SSRF vulnerability. An attacker can exploit the vulnerability to obtain...

ZOHO ManageEngine Desktop Central Code Issue Vulnerability

ZOHO ManageEngine Desktop Central DC is a desktop management solution from ZOHO. The solution includes software distribution, patch management, system configuration, remote control and other functional modules to support the entire lifecycle of desktop and server management. A code issue...

WordPress Plugin Assistant Code Issue Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...

Home Assistant Code Issue Vulnerability

Home Assistant is an open source home automation management system. The system is primarily used to control home automation devices. A security vulnerability exists in Home Assistant Companion versions prior to 2023.7, which stems from a Server Request Forgery SSRF vulnerability in the component...

Zabbix Security Vulnerabilities

Zabbix is an open source monitoring system from Zabbix. The system supports network monitoring, server monitoring, cloud monitoring and application monitoring. A security vulnerability exists in Zabbix that stems from A server request forgery SSRF vulnerability exists in the Frontend component...

Discourse Code Issue Vulnerability

Discourse is an open source community discussion platform. The platform includes community, email and chat room features. A security vulnerability exists in Discourse Discourse-jira, which originated from a vulnerability that allows an attacker to conduct a server request forgery SSRF attack by...

Apache Axis 输入验证错误漏洞

Apache Axis is the United States Apache Apache Foundation of an open source , XML-based Web services architecture . The product contains a SOAP server implemented in Java and C++ languages , as well as a variety of utility services and APIs to generate and deploy Web services applications. Apache...

CVE-2023-41055 LibreY Server-Side Request Forgery (SSRF) vulnerability via wikipedia_language cookie

LibreY is a fork of LibreX, a framework-less and javascript-free privacy respecting meta search engine. LibreY is subject to a Server-Side Request Forgery SSRF vulnerability in the engines/google/text.php and engines/duckduckgo/text.php files in versions before commit...

Apache XML Graphics Batik 代码问题漏洞

Apache XML Graphics Batik is a Java-based application from the Apache Foundation that is primarily used for processing SVG-format images. A code issue vulnerability exists in Apache XML Graphics Batik version 1.16, which stems from the presence of a Server Request Forgery SSRF vulnerability. An...

Open-Xchange AppSuite Code Issue Vulnerability

Open-Xchange AppSuite is a set of Web cloud desktop environments from Open-Xchange Germany. The environment allows users to more intuitively manage email, tasks, files, and more. A code issue vulnerability exists in Open-Xchange AppSuite that stems from a Server Request Forgery SSRF vulnerability...

Mattermost 代码问题漏洞

Mattermost is an open source collaboration platform from Mattermost, Inc. in the United States. A security vulnerability exists in Mattermost that stems from an improper restriction of requests to localhost/Intranet, resulting in a Server Request Forgery SSRF vulnerability...