PT-2022-16705 · Solar · Solar Appscreener

Name of the Vulnerable Software and Affected Versions: Solar appScreener versions 3.10.4 and earlier Description: The issue allows XXE and SSRF attacks via a crafted XML document when a valid license is not present. Recommendations: For Solar appScreener versions 3.10.4 and earlier, ensure a vali...

Navigate CMS 代码问题漏洞

Naviwebs Navigate CMS is an open source content management system CMS from Naviwebs, Inc. in the United States. A security vulnerability exists in Navigate CMS v2.9.4, which allows remote attackers to force an application to make arbitrary requests by injecting arbitrary URLs into feed parameters...

CVE-2022-1037

The EXMAGE WordPress plugin before 1.0.7 does to ensure that images added via URLs are external images, which could lead to a blind SSRF issue by using local URLs...

ALPINE-CVE-2022-26499

An SSRF issue was discovered in Asterisk through 19.x. When using STIR/SHAKEN, it's possible to send arbitrary requests such as GET to interfaces such as localhost by using the Identity header. This is fixed in 16.25.2, 18.11.2, and 19.3.2...

The vulnerability of the Python programming language interpreter’s FTP (File Transfer Protocol) client library allows attackers to perform SSRF attacks.

The vulnerability of the Python File Transfer Protocol client library is related to insufficient validation of data entered by users when the library is used in the PASV passive mode. Exploiting this vulnerability allows a malicious actor to configure a malicious FTP server, tricking the Python F...

PT-2022-13540 · Unknown · Calibre-Web

Name of the Vulnerable Software and Affected Versions: calibre-web versions prior to 0.6.18 Description: The issue is related to Server-Side Request Forgery SSRF in the GitHub repository janeczku/calibre-web. SSRF is a type of attack where an attacker can trick a server into making requests to...

Pascom Cloud Phone System 代码问题漏洞

Pascom Cloud Phone System is a cloud-based phone system from Pascom. A server request forgery vulnerability exists in Pascom Cloud Phone System, which stems from the product's failure to properly validate user input and could be exploited by attackers to probe server intranet resources...

httpd: mod_proxy: SSRF via a crafted request uri-path containing "unix:"

A Server-Side Request Forgery SSRF flaw was found in modproxy of httpd. This flaw allows a remote, unauthenticated attacker to make the httpd server forward requests to an arbitrary server. The attacker could get, modify, or delete resources on other services that may be behind a firewall and...

CVE-2021-34706

A vulnerability in the web-based management interface of Cisco Identity Services Engine ISE could allow an authenticated, remote attacker to access sensitive information or conduct a server-side request forgery SSRF attack through an affected device. This vulnerability is due to improper handling...

CVE-2021-22026

The vRealize Operations Manager API 8.x prior to 8.5 contains a Server Side Request Forgery in an end point. An unauthenticated malicious actor with network access to the vRealize Operations Manager API can perform a Server Side Request Forgery attack leading to information disclosure...

XStream: SSRF can be activated unmarshalling with XStream to access data streams from an arbitrary URL referencing a resource in an intranet or the local host

XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability which may allow a remote attacker to request data from internal resources that are not publicly available only by manipulating the processed input stream. No user is...

UBUNTU-CVE-2021-20280

Text-based feedback answers required additional sanitizing to prevent stored XSS and blind SSRF risks in moodle before 3.10.2, 3.9.5, 3.8.8, 3.5.17...

jenkins-2-plugins/subversion: XML parser is not preventing XML external entity (XXE) attacks

A flaw was found in the subversion Jenkins plugin. The XML parser is not properly configured to prevent XML external entity XXE attacks allowing an attacker the ability to control an agent process and have Jenkins parse a crafted changelog file that uses external entities for extraction of secret...

PT-2020-16409 · Medikoo · Uri.Js

Name of the Vulnerable Software and Affected Versions: URI.js versions prior to 1.19.4 Description: The hostname can be spoofed by using a backslash character followed by an at @ character. If the hostname is used in security decisions, the decision may be incorrect. Depending on library usage an...

CVE-2020-7740

This affects all versions of package node-pdf-generator. Due to lack of user input validation and sanitization done to the content given to node-pdf-generator, it is possible for an attacker to craft a url that will be passed to an external server allowing an SSRF attack...

CVE-2019-19835

SSRF in AjaxRestrictedCmdStat in zap in Ruckus Wireless Unleashed through 200.7.10.102.64 allows a remote denial of service via the server attribute to the tools/rcmdstat.jsp URI...

Apache Olingo SSRF Attack Vulnerability

Apache Olingo is a U.S. Apache Apache Software Foundation for the implementation of Open Data Protocol OData, Open Data Protocol Java library. Apache Olingo SSRF attack vulnerability can be exploited by an attacker to trick a client into connecting to a malicious server, then the server can cause...

CVE-2019-12852

An SSRF attack was possible on a JetBrains YouTrack server. The issue 1 of 2 was fixed in JetBrains YouTrack 2018.4.49168...

Multiple vulnerabilities in Cybozu Garoon

Overview Cybozu Garoon provided by Cybozu, Inc. contains multiple vulnerabilities listed below. Cross-site scripting in the additional processing of Customize Item function CWE-79 - CVE-2019-5928 Cross-site scripting in the application "Memo" CWE-79 - CVE-2019-5929 Browse restriction bypass in th...

The vulnerability of the MailConnect function in the software controller allows for an SSRF attack by the intruder, enabling them to carry out a malicious action. This vulnerability is present in the D-Link Central WiFi Manager, a device used for centralized control of wireless networks.

The vulnerability of the MailConnect function in the D-Link Central WiFi Manager software control panel exists due to insufficient checking of incoming requests. Exploiting this vulnerability allows a malicious actor to perform an SSRF attack remotely...