Lucene search
+L

9745 matches found

Hacker One
Hacker One
added 2017/05/28 11:12 a.m.58 views

Weblate: Uploaded XLF files result in External Entity Execution

Summary: ======== Weblate users in the Translate group or those with the ability to upload translation files can trigger XML External Entity Execution. This is a well known and high/critical vector of attack that often can completely compromise the security of a web application or in some cases...

0.3AI score
Exploits0
exploitpack
exploitpack
added 2017/05/09 12:0 a.m.42 views

I_ Librarian 4.64.7 - Command Injection Server Side Request Forgery Directory Enumeration Cross-Site Scripting

I Librarian 4.64.7 - Command Injection Server Side Request Forgery Directory Enumeration Cross-Site Scripting SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Multiple vulnerabilities product: I, Librarian PDF manager...

0.7AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2017/05/01 12:0 a.m.57 views

EulerOS 2.0 SP1 : ImageMagick (EulerOS-SA-2016-1021)

According to the versions of the ImageMagick packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - It was discovered that ImageMagick did not properly sanitize certain input before passing it to the delegate functionality. A remote attack...

10CVSS6.8AI score0.97485EPSS
Exploits13References6
seebug.org
seebug.org
added 2017/04/25 12:0 a.m.35 views

WordPress Plugin Nelio AB Testing Server-Side Request Forgery (SSRF)

Case Study: SSRF in Nelio AB Testing WordPress Plugin Nelio AB Testing is a WordPress plugin used for A/B Testing in WordPress pages. We can download the source-code of the Plugin from plugins.svn.wordpress.org/nelio-ab-testing/tags/4.5.8/. Server-side Request Forgery SSRF is a vulnerability wher...

7.6AI score
Exploits0
Prion
Prion
added 2017/04/24 6:59 p.m.25 views

Server side request forgery (ssrf)

Multiple server-side request forgery SSRF vulnerabilities in Yeager CMS 1.2.1 allow remote attackers to trigger outbound requests and enumerate open ports via the dbhost parameter to libs/org/adodblite/tests/testadodblite.php, libs/org/adodblite/tests/testdatadictionary.php, or...

6.4CVSS7.5AI score0.06032EPSS
Exploits5References4Affected Software1
Hacker One
Hacker One
added 2017/04/23 2:43 p.m.378 views

Shopify: SVG Server Side Request Forgery (SSRF)

I found an issue which seems to be regression of the following issue: https://hackerone.com/reports/97501 . It seems your input validaton is not sufficient and the file is getting processed before your implemented check for valid file types. When adding a new product in the store, images for the...

6.9AI score
Exploits0
Positive Technologies
Positive Technologies
added 2017/04/21 12:0 a.m.12 views

PT-2018-10: Server-Side Request Forgery in Ipswitch WhatsUp Gold

The specialists of the Positive Research center have detected a Server-Side Request Forgery vulnerability in Ipswitch WhatsUp Gold. A server-side request forgery vulnerability in NmAPI.exe in Ipswitch WhatsUp Gold allows attackers to gain unauthorized access to the WhatsUp Gold system, obtain...

9.8CVSS10AI score0.01443EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2017/04/18 12:0 a.m.48 views

PHP 7.x < 7.0.18, 7.1.x < 7.1.4 SSRF Security Bypass Vulnerability - Linux

PHP is prone to a security bypass vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:php:php"; if description...

7.4CVSS7.6AI score0.03514EPSS
Exploits2References3
Prion
Prion
added 2017/04/17 4:59 p.m.35 views

Server side request forgery (ssrf)

A bug in the handling of the pipelined requests in Apache Tomcat 9.0.0.M1 to 9.0.0.M18, 8.5.0 to 8.5.12, 8.0.0.RC1 to 8.0.42, 7.0.0 to 7.0.76, and 6.0.0 to 6.0.52, when send file was used, results in the pipelined request being lost when send file processing of the previous request completed. Thi...

5CVSS7.4AI score0.1684EPSS
Exploits0References34Affected Software1
UbuntuCve
UbuntuCve
added 2017/04/14 6:59 p.m.30 views

CVE-2016-7051

XmlMapper in the Jackson XML dataformat component aka jackson-dataformat-xml before 2.7.8 and 2.8.x before 2.8.4 allows remote attackers to conduct server-side request forgery SSRF attacks via vectors related to a DTD...

8.6CVSS7.2AI score0.02356EPSS
Exploits0References2
Prion
Prion
added 2017/04/14 6:59 p.m.21 views

Server side request forgery (ssrf)

XmlMapper in the Jackson XML dataformat component aka jackson-dataformat-xml before 2.7.8 and 2.8.x before 2.8.4 allows remote attackers to conduct server-side request forgery SSRF attacks via vectors related to a DTD...

5CVSS7AI score0.02356EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2017/04/14 6:59 p.m.17 views

CVE-2016-7051

XmlMapper in the Jackson XML dataformat component aka jackson-dataformat-xml before 2.7.8 and 2.8.x before 2.8.4 allows remote attackers to conduct server-side request forgery SSRF attacks via vectors related to a DTD...

8.6CVSS8.4AI score0.02356EPSS
Exploits0References3
CVE
CVE
added 2017/04/14 6:0 p.m.104 views

CVE-2016-7051

CVE-2016-7051 affects jackson-dataformat-xml (XmlMapper). The vulnerability is a server-side request forgery (SSRF) flaw related to DTD handling, present in XmlMapper before 2.7.8 and in 2.8.x before 2.8.4. Impact is described as potential SSRF; exploit details are not provided in the initial doc...

8.6CVSS8.7AI score0.02356EPSS
Exploits0References3Affected Software1
Tenable Nessus
Tenable Nessus
added 2017/04/11 12:0 a.m.481 views

phpMyAdmin 4.0.x < 4.0.10.19 / 4.4.x < 4.4.15.10 / 4.6.x < 4.6.6 Multiple Vulnerabilities (PMASA-2017-1 - PMASA-2017-7)

According to its self-reported version number, the phpMyAdmin application hosted on the remote web server is 4.0.x prior to 4.0.10.19, 4.4.x prior to 4.4.15.10, or 4.6.x prior to 4.6.6. It is, therefore, affected by the following vulnerabilities : - An open redirect vulnerability exists due to a...

9.8CVSS7.9AI score0.06711EPSS
Exploits1References9
Prion
Prion
added 2017/04/06 2:59 p.m.21 views

Server side request forgery (ssrf)

F5 SSL Intercept iApp 1.5.0 - 1.5.7 and SSL Orchestrator 2.0 is vulnerable to a Server-Side Request Forgery SSRF attack when deployed using the Dynamic Domain Bypass DDB feature feature plus SNAT Auto Map option for egress traffic...

5.8CVSS7.4AI score0.01147EPSS
Exploits0References1Affected Software2
Cvelist
Cvelist
added 2017/04/06 2:0 p.m.26 views

CVE-2017-6130

F5 SSL Intercept iApp 1.5.0 - 1.5.7 and SSL Orchestrator 2.0 is vulnerable to a Server-Side Request Forgery SSRF attack when deployed using the Dynamic Domain Bypass DDB feature feature plus SNAT Auto Map option for egress traffic...

7.5AI score0.01147EPSS
Exploits0References1
Debian
Debian
added 2017/03/27 11:5 p.m.102 views

[SECURITY] [DLA 875-1] php5 security update

Package : php5 Version : 5.4.45-0+deb7u8 CVE ID : CVE-2016-7478 CVE-2016-7479 CVE-2017-7272 Several issues have been discovered in PHP recursive acronym for PHP: Hypertext Preprocessor, a widely-used open source general-purpose scripting language that is especially suited for web development and...

9.8CVSS9.1AI score0.42401EPSS
Exploits5
OSV
OSV
added 2017/03/21 6:59 a.m.51 views

DEBIAN-CVE-2017-7200

An SSRF issue was discovered in OpenStack Glance before Newton. The 'copyfrom' feature in the Image Service API v1 allowed an attacker to perform masked network port scans. With v1, it is possible to create images with a URL such as 'http://localhost:22'. This could then allow an attacker to...

5.8CVSS5.7AI score0.02034EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2017/03/21 5:47 a.m.29 views

CVE-2017-7200

The copyfrom feature in Image Service API v1 allows an attacker to perform masked network port scans. It is possible to create images with a URL such as 'http://localhost:22'. This could allow an attacker to enumerate internal network details while appearing masked, because the scan appears to...

6.5CVSS2.5AI score0.02034EPSS
Exploits0References2
Prion
Prion
added 2017/03/16 3:59 p.m.16 views

Server side request forgery (ssrf)

The SVG Salamander aka svgSalamander library, when used in a web application, allows remote attackers to conduct server-side request forgery SSRF attacks via an xlink:href attribute in an SVG file...

5.8CVSS7.2AI score0.01992EPSS
Exploits0References8Affected Software1
Rows per page
Query Builder