7390 matches found
PT-2018-1306 · Ipswitch · Ipswitch WhatsUp Gold
Name of the Vulnerable Software and Affected Versions: Ipswitch WhatsUp Gold versions prior to 18.0
Description: A Server-Side Request Forgery (SSRF) issue was discovered in the NmAPI.exe executable. This allows malicious actors to submit specially crafted requests to gain unauthorized access to th...
I Librarian I-librarian XXE vulnerability
I Librarian I-librarian is an application for editing PDF files. An XXE vulnerability exists in line 154 of the importmetadata.php file in I Librarian I-librarian 4.8 and earlier versions. An attacker can exploit this vulnerability to read the contents of a file and perform a server-side request...
UBUNTU-CVE-2018-7667
Adminer through 4.3.1 has SSRF via the server parameter...
Adminer Server-Side Request Forgery Vulnerability
Adminer is a full-featured database management tool written in PHP that supports database software such as MySQL, MariaDB, PostgreSQL and SQLite. A server-side request forgery vulnerability exists in Adminer 4.3.1 and earlier versions. An attacker can exploit this vulnerability with the help of t...
CloudBees Jenkins Android Lint Plugin Information Disclosure Vulnerability
CloudBees Jenkins (formerly known as Hudson Labs) is a Java-based continuous integration tool, mainly used to monitor continuous software release/testing projects and some timed tasks. Android Lint Plugin is used in one of the Android static Android Lint...
CVE-2018-7055
GroupViewProxyServlet in RoomWizard before 4.4.x allows SSRF via the url parameter...
Sandstorm Server-Side Request Forgery Vulnerability
Sandstorm is a personal cloud platform. The platform features file storage, application management, task and project management, and more. A server-side request forgery vulnerability exists in the install application process in versions prior to Sandstorm build 0.203. A remote attacker can exploi...
Atlassian Bitbucket Server Server-Side Request Forgery Vulnerability
Atlassian Bitbucket Server is a Git code hosting solution from Atlassian Australia. The solution is able to manage and review code with features such as diff view, JIRA integration and build integration. GitHub repository importer is one of the GitHub repository import modules. A server-side reque...
The vulnerability of the Apache XML-RPC library (ws-xmlrpc) is related to improper restrictions on XML links to external objects, which allows attackers to perform SSRF attacks.
The vulnerability of the Apache XML-RPC library (ws-xmlrpc) is related to incorrect restrictions on XML links to external objects. Exploiting this vulnerability allows a malicious actor to perform SSRF attacks using specially crafted DTDs...
CloudBees Jenkins PMD Plugin XML External Entity Injection Vulnerability
CloudBees Jenkins is a Java-based continuous integration tool from the United States company CloudBees, mainly used to monitor continuous software release/testing projects and some timed tasks. PMD Plugin is used in one of the...
CloudBees Jenkins Warnings Plugin XML External Entity Injection Vulnerability
CloudBees Jenkins is a Java-based continuous integration tool from the United States company CloudBees, mainly used to monitor continuous software release/testing projects and some timed tasks. Warnings Plugin is the use of a code...
NoneCms Server-Side Request Forgery Vulnerability
NoneCms is an open source CMS (Content Management System) for quickly building corporate websites, personal blogs and supporting mobile. A cross-site request forgery vulnerability exists in the 'copy' function of the application/admin/controller/Article.php file in NoneCms version 1.3.0, which stem...
UBUNTU-CVE-2018-1042
Moodle 3.x has Server Side Request Forgery in the filepicker...
Atlassian Jira Information Disclosure Vulnerability
Atlassian Jira is a defect tracking management system, a commercial application for defect management, task tracking and project management. An information disclosure vulnerability exists in the Trello import program in Atlassian Jira. A remote attacker could exploit this vulnerability to access...
Synology Chat Server-Side Request Forgery Vulnerability (CNVD-2018-01480)
Synology Chat is an enterprise messaging service that runs on Synology NAS. The solution eliminates the need for users to compose emails and improves the efficiency of corporate communication. A server-side request forgery vulnerability exists in Link Preview in Synology Chat. A remote...
Harbor 'Ping()' Function Server-Side Cross-Site Forgery Vulnerability
Harbor is an open source, enterprise-grade registry server that also provides advanced security features such as user management, access control and activity auditing. A server-side cross-site forgery vulnerability exists in the 'Ping' function of the ui/api/targets.go file in Harbor 1.3.0-rc4 an...
CVE-2017-16678
Server Side Request Forgery (SSRF) vulnerability in SAP NetWeaver Knowledge Management Configuration Service, EPBC and EPBC2 from 7.00 to 7.02; KMC-BC 7.30, 7.31, 7.40 and 7.50, that allows an attacker to manipulate the vulnerable application to send crafted requests on behalf of the application...
CVE-2017-11291
An issue was discovered in Adobe Connect 9.6.2 and earlier versions. A Server-Side Request Forgery (SSRF) vulnerability exists that could be abused to bypass network access controls...
Atlassian Hipchat Server and Hipchat Data Center Remote Code Execution Vulnerability
Atlassian Hipchat Server and Hipchat Data Center are both products of Atlassian Australia. Hipchat Server is a set of team chatting tools that supports group and 1-to-1 voice and video chatting and screen sharing. Hipchat Data Center is a data center system. A...
SSRF vulnerability in APPCMS admin\download_frame.php file
APPCMS is a professional APP content management system that provides a variety of extension modules, such as information, recommended positions, topics, friendly links, body internal links and so on, to help webmasters better personalize their own websites. An SSRF vulnerability exists in the...