7250 matches found
CVE-2025-11636
CVE-2025-11636 affects Tomofun Furbo 360 up to FB0035_FW_036. The issue resides in the Account Handler component and enables server-side request forgery (SSRF) through some manipulated processing, with remote execution possible. Exploitation is described as high complexity and difficult, with no ...
EUVD-2025-33899
A security vulnerability has been detected in Tomofun Furbo 360 up to FB0035FW036. This issue affects some unknown processing of the component Account Handler. Such manipulation leads to server-side request forgery. The attack can be executed remotely. This attack is characterized by high...
EUVD-2025-33881
HCL Unica Centralized Offer Management is vulnerable to a potential Server-Side Request Forgery SSRF. An attacker can exploit improper input validation by submitting maliciously crafted input to a target application running on a server...
CVE-2025-31993
HCL Unica Centralized Offer Management is vulnerable to a potential Server-Side Request Forgery SSRF. An attacker can exploit improper input validation by submitting maliciously crafted input to a target application running on a server...
CVE-2025-31993
HCL Unica Centralized Offer Management is vulnerable to a potential Server-Side Request Forgery SSRF. An attacker can exploit improper input validation by submitting maliciously crafted input to a target application running on a server...
CVE-2025-31993 HCL Unica Centralized Offer Management is vulnerable to a potential Server-Side Request Forgery (SSRF)
HCL Unica Centralized Offer Management is vulnerable to a potential Server-Side Request Forgery SSRF. An attacker can exploit improper input validation by submitting maliciously crafted input to a target application running on a server...
Tomofun Furbo 360 代码问题漏洞
Tomofun Furbo 360 is a smart pet camera from Tomofun, a company based in Taiwan, China. A code issue vulnerability exists in Tomofun Furbo 360 FB0035FW036 and prior versions, which stems from improper handling of the component Account Handler, which could lead to server-side request forgery...
Tomofun Furbo 360和Tomofun Furbo Mini 代码问题漏洞
Tomofun Furbo 360 and Tomofun Furbo Mini are both smart pet cameras from Tomofun Corporation of Taiwan, China. A code issue vulnerability exists in Tomofun Furbo 360 FB0035FW036 and earlier versions and Tomofun Furbo Mini MC0020FW074 and earlier versions, which stems from a flaw in the GATT...
PT-2025-41702
Name of the Vulnerable Software and Affected Versions HCL Unica Centralized Offer Management affected versions not specified Description The software is susceptible to a Server-Side Request Forgery SSRF issue. This occurs due to improper input validation, allowing an attacker to submit malicious...
EUVD-2025-33850
The WP Scraper plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 5.8.1 via the wpscraperextractcontent function. This makes it possible for authenticated attackers, with Administrator-level access and above, to make web requests to arbitrary...
CVE-2025-9975
The WP Scraper WordPress plugin is affected by a Server-Side Request Forgery (SSRF) in versions up to 5.8.1 via the wp_scraper_extract_content function. Exploitation requires authenticated access at Administrator level or higher and allows the attacker to make web requests from the application to...
PT-2025-41684
Name of the Vulnerable Software and Affected Versions WP Scraper plugin for WordPress versions prior to 5.8.2 Description The WP Scraper plugin for WordPress is susceptible to Server-Side Request Forgery SSRF in versions up to and including 5.8.1. This flaw resides within the wp scraper extract...
WordPress plugin WP Scraper 代码问题漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to set up personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. WordPress...
Server-side Request Forgery (SSRF)
Overview Affected versions of this package are vulnerable to Server-side Request Forgery SSRF when processing user-supplied URLs. An attacker can cause the server to send unauthorized requests to arbitrary internal or external services by submitting crafted URLs. Workaround This vulnerability can...
Server-side Request Forgery (SSRF)
Overview Affected versions of this package are vulnerable to Server-side Request Forgery SSRF when processing user-supplied URLs. An attacker can cause the server to send unauthorized requests to arbitrary internal or external services by submitting crafted URLs. Workaround This vulnerability can...
New API 代码问题漏洞
New API is a QuantumNous open source interface software. A code issue vulnerability exists in New API versions prior to 0.9.0.5 that stems from not properly validating a user-supplied URL, which could lead to a server-side request forgery attack...
CVE-2025-9868
Server-Side Request Forgery SSRF in the Remote Browser Plugin in Sonatype Nexus Repository 2.x up to and including 2.15.2 allows unauthenticated remote attackers to exfiltrate proxy repository credentials via crafted HTTP requests...
CVE-2025-9868
The vulnerability is a Server-Side Request Forgery (SSRF) in the Remote Browser Plugin of Sonatype Nexus Repository 2.x, up to and including 2.15.2. The issue allows unauthenticated remote attackers to exfiltrate proxy repository credentials by crafting HTTP requests. The root cause is SSRF in th...
CVE-2025-9868 Nexus Repository 2 - SSRF Vulnerability in Remote Browser Plugin
Server-Side Request Forgery SSRF in the Remote Browser Plugin in Sonatype Nexus Repository 2.x up to and including 2.15.2 allows unauthenticated remote attackers to exfiltrate proxy repository credentials via crafted HTTP requests...
EUVD-2025-33291
Server-Side Request Forgery SSRF in the Remote Browser Plugin in Sonatype Nexus Repository 2.x up to and including 2.15.2 allows unauthenticated remote attackers to exfiltrate proxy repository credentials via crafted HTTP requests...