7225 matches found

CNNVD
added 2025/06/06 12:0 a.m., 3 views

WordPress plugin SocialMark code issue vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A code issue...

CVSS 4.9, AI score 5.4, EPSS 0.00185
Exploits 0, References 1

Patchstack
added 2025/06/05 1:18 a.m., 3 views

WordPress Car Repair Services theme <= 5.0 - Server Side Request Forgery (SSRF) Vulnerability

Server Side Request Forgery (SSRF) vulnerability discovered by Bonds in WordPress Theme Car Repair Services versions <= 5.0...

CVSS 5.4, AI score 6.9, EPSS 0.00214
Exploits 0, Affected Software 1

CNNVD
added 2025/06/04 12:0 a.m., 2 views

Acronis Cyber Protect code issue vulnerability

Acronis Cyber Protect is an all-in-one cyber protection solution for business and enterprise from Acronis Switzerland. Combining backup, anti-malware, network security and endpoint management features such as vulnerability assessment, URL filtering, patch management, etc.... Acronis Cyber Protect...

CVSS 4.3, AI score 4.9, EPSS 0.00195
Exploits 0, References 1

OSV
added 2025/06/03 5:15 p.m., 4 views

CVE-2025-5510

A vulnerability classified as critical was found in quequnlong shiyi-blog up to 1.2.1. This vulnerability affects unknown code of the file /app/sys/article/optimize. The manipulation of the argument url leads to server-side request forgery. The attack can be initiated remotely. The exploit has be...

CVSS 9.8, AI score 5.4
Exploits 0, References 5

CNNVD
added 2025/06/03 12:0 a.m., 2 views

shiyi-blog security vulnerability

shiyi-blog is a vue+springboot front-end and back-end separated blog system by bule individual developer. A security vulnerability exists in shiyi-blog 1.2.1 and earlier versions, which stems from a server-side request forgery due to incorrect manipulation of the parameter url...

CVSS 9.8, AI score 6.4, EPSS 0.0039
Exploits 1, References 5

Packet Storm News
added 2025/06/03 12:0 a.m., 5 views

Request-Baskets Server-Side Request Forgery

Request-Baskets versions up to 1.2.1 proof of concept server-side request forgery exploit...

CVSS 6.5, AI score 6.2, EPSS 0.07497
Exploits 29

BDU FSTEC
added 2025/06/03 12:0 a.m., 2 views

The vulnerability of the Microsoft Power Apps development environment, related to insufficient validation of incoming requests, allows an attacker to execute an SSRF attack.

The vulnerability of the Microsoft Power Apps development environment is related to insufficient testing of incoming requests. Exploiting this vulnerability could allow a malicious actor to execute an SSRF attack remotely...

CVSS 9.4, AI score 7.8, EPSS 0.01458
Exploits 0, References 2

OSV
added 2025/06/02 5:15 p.m., 2 views

CVE-2024-7073

A server-side request forgery (SSRF) vulnerability exists in multiple WSO2 products due to improper input validation in SOAP admin services. This flaw allows unauthenticated attackers to manipulate server-side requests, enabling access to internal and external resources available through the networ...

CVSS 6.5, AI score 5.8, EPSS 0.00187
Exploits 0, References 1

OSV
added 2025/06/02 2:15 p.m., 1 view

CVE-2025-37090

A server-side request forgery vulnerability exists in HPE StoreOnce Software...

CVSS 9.8, AI score 7.5, EPSS 0.00556
Exploits 0, References 1

CNNVD
added 2025/06/02 12:0 a.m., 3 views

Hewlett Packard Enterprise StoreOnce code issue vulnerability

Hewlett Packard Enterprise StoreOnce is a cloud backup data protection system from Hewlett Packard Enterprise USA. A security vulnerability exists in Hewlett Packard Enterprise StoreOnce that stems from server-side request forgery...

CVSS 9.8, AI score 9.2, EPSS 0.00556
Exploits 0, References 3

CNNVD
added 2025/06/02 12:0 a.m., 3 views

WSO2 multiple products code issue vulnerability

WSO2 Identity Server (IS) and others are products of WSO2, Inc. WSO2 Identity Server is an identity server. WSO2 Identity Server as Key Manager is an identity server. WSO2 Open Banking IAM is an identity and access management solution for the Open Banking (OB) space. WSO2 Open Banking IAM is an identity...

CVSS 6.5, AI score 6.6, EPSS 0.00187
Exploits 0, References 3

BDU FSTEC
added 2025/06/02 12:0 a.m., 2 views

The vulnerability of the Interaction Center web client component of the SAP CRM system, which is used for managing customer relationships, as well as the SAP S/4HANA software platform, allows an attacker to perform an SSRF attack.

The vulnerability of the Interaction Center web client component of the SAP CRM and SAP S/4HANA software system relates to insufficient validation of incoming requests. Exploiting this vulnerability could allow a malicious actor to execute an SSRF attack remotely...

CVSS 3.5, AI score 5.5, EPSS 0.00231
Exploits 0, References 2, Affected Software 2

OSV
added 2025/05/29 9:15 p.m., 2 views

CVE-2025-5327

A vulnerability was found in chshcms mccms 2.7. It has been classified as critical. This affects the function index of the file sys/apps/controllers/api/Gf.php. The manipulation of the argument pic leads to server-side request forgery. It is possible to initiate the attack remotely. The exploit h...

CVSS 8.8, AI score 5.5, EPSS 0.00428
Exploits 1, References 4

OSV
added 2025/05/29 8:15 p.m., 4 views

CVE-2025-4967

Esri Portal for ArcGIS 11.4 and prior allows a remote, unauthenticated attacker to bypass the Portal’s SSRF protections...

CVSS 9.1, AI score 5.8, EPSS 0.00395
Exploits 0, References 1

OSV
added 2025/05/29 4:15 p.m., 0 views

CVE-2025-45474

maccms10 v2025.1000.4047 is vulnerable to server-side request forgery (SSRF) in Email Settings...

CVSS 7.3, AI score 5.8
Exploits 0, References 1

RedhatCVE
added 2025/05/29 5:11 a.m., 4 views

CVE-2025-45475

maccms10 v2025.1000.4047 is vulnerable to server-side request forgery (SSRF) in Friend Link Management...

CVSS 5.4, AI score 7, EPSS 0.00283
Exploits 1, References 1

CNNVD
added 2025/05/29 12:0 a.m., 3 views

maccms10 security vulnerability

maccms10 is a powerful open source rapid website building system from magicblack that runs in a PHP + MySQL environment. A security vulnerability exists in maccms10 version v2025.1000.4047, which originates from a server-side request forgery in email settings...

CVSS 7.3, AI score 6.8, EPSS 0.00319
Exploits 1, References 1

CNNVD
added 2025/05/29 12:0 a.m., 2 views

mccms code issue vulnerability

mccms (Man City CMS) is a rapid website building system from the individual developer chshcms (China Smokey River South). A code issue vulnerability exists in version 2.7 of mccms, which stems from improper handling of the pic parameter in the file sys/apps/controllers/api/Gf.php, which may lead to...

CVSS 8.8, AI score 6.6, EPSS 0.00428
Exploits 1, References 4

Snyk
added 2025/05/28 10:54 a.m., 1 view

Server-Side Request Forgery (SSRF)

Overview: mcp-markdownify-server is a Model Context Protocol (MCP) server that converts various file types and web content to Markdown format. It provides a set of tools to transform PDFs, images, audio files, web pages, and more into easily readable and shareable Markdown text. Affected versions of...

CVSS 8.2, AI score 5.8, EPSS 0.00335
Exploits 0, References 2

BDU FSTEC
added 2025/05/28 12:0 a.m., 12 views

The vulnerability of the SimpleOne ITSM automation system allows a perpetrator to carry out an SSRF attack and gain unauthorized access to protected information.

The vulnerability of the SimpleOne ITSM automation system is related to insufficient verification of incoming requests. Exploiting this vulnerability could allow a malicious actor to carry out an SSRF attack and gain unauthorized access to protected information...

CVSS 9.1, AI score 5.4
Exploits 0, Affected Software 1