
7229 matches found

NVD
added 2025/08/27 6:15 p.m. · 3 views

CVE-2025-58203

Server-Side Request Forgery (SSRF) vulnerability in solacewp Solace Extra (solace-extra) allows Server Side Request Forgery. This issue affects Solace Extra: from n/a through <= 1.3.2...

CVSS 4.4 · EPSS 0.00152
Exploits: 0 · References: 1

Cvelist
added 2025/08/27 5:45 p.m. · 10 views

CVE-2025-58203 WordPress Solace Extra Plugin <= 1.3.2 - Server Side Request Forgery (SSRF) Vulnerability

Server-Side Request Forgery (SSRF) vulnerability in solacewp Solace Extra (solace-extra) allows Server Side Request Forgery. This issue affects Solace Extra: from n/a through <= 1.3.2...

CVSS 4.4 · EPSS 0.00152
Exploits: 0 · References: 1

CNNVD
added 2025/08/27 12:0 a.m. · 1 views

WordPress plugin Solace Extra Code Issue Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A code issue vulnerability...

CVSS 4.4 · AI score 6.8 · EPSS 0.00152
Exploits: 0 · References: 2

Positive Technologies
added 2025/08/27 12:0 a.m. · 2 views

PT-2025-34917 · WordPress · Solacewp Solace Extra

Name of the Vulnerable Software and Affected Versions: solacewp Solace Extra versions through 1.3.2. Description: A Server-Side Request Forgery (SSRF) vulnerability exists in solacewp Solace Extra, allowing Server Side Request Forgery. Recommendations: At the moment, there is no information about a...

CVSS 4.4 · AI score 6.3 · EPSS 0.00152
Exploits: 0 · References: 4

Positive Technologies
added 2025/08/27 12:0 a.m. · 7 views

PT-2025-34950 · Sangfor · Iam +2

Name of the Vulnerable Software and Affected Versions: Sangfor Behavior Management System (affected versions not specified). Description: The Sangfor Behavior Management System, also referred to as DC Management System, contains an XML external entity (XXE) injection vulnerability in the /src/sangforind...

CVSS 8.7 · AI score 6.8 · EPSS 0.00482
Exploits: 0 · References: 9

Redos
added 2025/08/27 12:0 a.m. · 4 views

ROS-20250827-07

A vulnerability in GLPI's asset management and data center management software is related to improper neutralization of HTML tags associated with scripts on a web page. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code. GLPI asset and data center...

CVSS 6.5 · AI score 7.8 · EPSS 0.002
Exploits: 0

Tenable Nessus
added 2025/08/27 12:0 a.m. · 3 views

Linux Distros Unpatched Vulnerability : CVE-2023-36661

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Shibboleth XMLTooling before 3.2.4, as used in OpenSAML and Shibboleth Service Provider, allows SSRF via a crafted KeyInfo element. This is fixed in, for exampl...

CVSS 7.5 · AI score 8.2 · EPSS 0.0275
Exploits: 3 · References: 2

Tenable Nessus
added 2025/08/27 12:0 a.m. · 3 views

Linux Distros Unpatched Vulnerability : CVE-2020-8555

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Kubernetes kube-controller-manager in versions v1.0-1.14, versions prior to v1.15.12, v1.16.9, v1.17.5, and version v1.18.0 are vulnerable to a Server Side...

CVSS 6.3 · AI score 6.4 · EPSS 0.03679
Exploits: 0 · References: 2

Tenable Nessus
added 2025/08/27 12:0 a.m. · 6 views

Linux Distros Unpatched Vulnerability : CVE-2021-22214

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When requests to the internal network for webhooks are enabled, a server-side request forgery vulnerability in GitLab CE/EE affecting all versions starting from...

CVSS 8.6 · AI score 8.2 · EPSS 0.27806
Exploits: 1 · References: 2

Tenable Nessus
added 2025/08/27 12:0 a.m. · 3 views

Linux Distros Unpatched Vulnerability : CVE-2017-1000190

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - SimpleXML latest version 2.7.1 is vulnerable to an XXE vulnerability resulting in SSRF, information disclosure, DoS and so on. (CVE-2017-1000190) Note that Nessus...

CVSS 9.1 · AI score 8.1 · EPSS 0.0466
Exploits: 1 · References: 2

NVD
added 2025/08/26 6:15 p.m. · 1 views

CVE-2025-57818

Firecrawl turns entire websites into LLM-ready markdown or structured data. Prior to version 2.0.1, a server-side request forgery (SSRF) vulnerability was discovered in Firecrawl's webhook functionality. Authenticated users could configure a webhook to an internal URL and send POST requests with...

CVSS 6.3 · EPSS 0.00255
Exploits: 0 · References: 4

Cvelist
added 2025/08/26 5:52 p.m. · 7 views

CVE-2025-57818 Firecrawl SSRF Vulnerability via malicious webhook

Firecrawl turns entire websites into LLM-ready markdown or structured data. Prior to version 2.0.1, a server-side request forgery (SSRF) vulnerability was discovered in Firecrawl's webhook functionality. Authenticated users could configure a webhook to an internal URL and send POST requests with...

CVSS 6.3 · EPSS 0.00255
Exploits: 0 · References: 4

Vulnrichment
added 2025/08/26 5:52 p.m. · 1 views

CVE-2025-57818 Firecrawl SSRF Vulnerability via malicious webhook

Firecrawl turns entire websites into LLM-ready markdown or structured data. Prior to version 2.0.1, a server-side request forgery (SSRF) vulnerability was discovered in Firecrawl's webhook functionality. Authenticated users could configure a webhook to an internal URL and send POST requests with...

CVSS 6.3 · AI score 6.4 · EPSS 0.00255
Exploits: 0 · References: 4

Patchstack
added 2025/08/26 12:47 p.m. · 3 views

WordPress Chartbeat Plugin <= 2.0.7 - Server Side Request Forgery (SSRF) Vulnerability

Server Side Request Forgery (SSRF) Vulnerability discovered by Martin Herancourt in WordPress Plugin Chartbeat (versions <= 2.0.7)...

CVSS 6.4 · AI score 6.7 · EPSS 0.00193
Exploits: 0 · Affected Software: 1

CNNVD
added 2025/08/26 12:0 a.m. · 1 views

Firecrawl Code Issue Vulnerability

Firecrawl is an open source AI web crawler tool from Mendable.ai. A code issue vulnerability exists in Firecrawl versions prior to 2.0.1, which stems from a server-side request forgery vulnerability in the webhook functionality that could lead to access to internal systems...

CVSS 6.3 · AI score 6.8 · EPSS 0.00255
Exploits: 0 · References: 5

CNVD
added 2025/08/26 12:0 a.m. · 2 views

Adobe ColdFusion Server-Side Request Forgery Vulnerability

Adobe ColdFusion is a rapid application development platform from Adobe, a United States company. The platform includes an integrated development environment and scripting language. Adobe ColdFusion has a server-side request forgery vulnerability that can be exploited by an attacker t...

CVSS 2.7 · AI score 6.6 · EPSS 0.00746
Exploits: 0 · References: 1

Tenable Nessus
added 2025/08/26 12:0 a.m. · 4 views

Linux Distros Unpatched Vulnerability : CVE-2018-8801

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GitLab Community and Enterprise Editions version 8.3 up to 10.x before 10.3 are vulnerable to SSRF in the Services and webhooks component. (CVE-2018-8801) Note th...

CVSS 6.5 · AI score 6.8 · EPSS 0.01334
Exploits: 2 · References: 2

Tenable Nessus
added 2025/08/26 12:0 a.m. · 3 views

Linux Distros Unpatched Vulnerability : CVE-2020-13295

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - For GitLab Runner before 13.0.12, 13.1.6, 13.2.3, by replacing dockerd with a malicious server, the Shared Runner is susceptible to SSRF. (CVE-2020-13295) Note th...

CVSS 8.8 · AI score 7.8 · EPSS 0.01158
Exploits: 0 · References: 2

NVD
added 2025/08/25 10:15 p.m. · 3 views

CVE-2025-57814

request-filtering-agent is an https.Agent implementation that blocks requests to Private/Reserved IP addresses. Versions 1.x.x and earlier contain a vulnerability where HTTPS requests to 127.0.0.1 bypass IP address filtering, while HTTP requests are correctly blocked. This allows attackers to...

CVSS 6.9 · EPSS 0.00427
Exploits: 0 · References: 2

Vulnrichment
added 2025/08/25 9:48 p.m. · 1 views

CVE-2025-57814 request-filtering-agent SSRF Bypass via HTTPS Requests

request-filtering-agent is an https.Agent implementation that blocks requests to Private/Reserved IP addresses. Versions 1.x.x and earlier contain a vulnerability where HTTPS requests to 127.0.0.1 bypass IP address filtering, while HTTP requests are correctly blocked. This allows attackers to...

CVSS 6.9 · AI score 7.1 · EPSS 0.00427
Exploits: 0 · References: 2