7222 matches found
Zammad Security Vulnerability
Zammad is a suite of ticket management software from the German company Zammad. A security vulnerability exists in Zammad versions prior to 6.4.2, which stems from a server-side request forgery that could result in a GET request in the local network...
Browsershot Security Vulnerability
Browsershot is an open source tool from Spatie. It is used to convert web pages into images or PDFs. A security vulnerability exists in Browsershot version 0.0.0, which stems from the setUrl function's lack of input restrictions and may lead to server-side request forgery...
Bitdefender GravityZone Console Code Issue Vulnerability
Bitdefender GravityZone Console is a centralized cybersecurity management platform from Bitdefender Romania, designed to provide organizations with full visibility and control over their security infrastructure. A code issue vulnerability exists in Bitdefender GravityZone Console versions prior t...
PT-2025-14873 · Bitdefender · Bitdefender Gravityzone Console
Name of the Vulnerable Software and Affected Versions: Bitdefender GravityZone Console versions prior to 6.41.2.1. Description: A server-side request forgery (SSRF) issue allows an attacker to bypass input validation logic using leading characters in DNS requests. This could potentially be used for...
WordPress plugin WP Optin Wheel Code Issue Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A code issue vulnerability...
WordPress plugin ElementsCSS Addons for Elementor Code Issue Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A code issue...
Server-side Request Forgery (SSRF)
Overview: mobsf (Mobile Security Framework, MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis. Affected versions of this package are vulnerable to Server-side...
CVE-2025-2997
A vulnerability was found in zhangyanbo2007 youkefu 4.2.0. It has been classified as critical. Affected is an unknown function of the file /res/url. The manipulation of the argument url leads to server-side request forgery. It is possible to launch the attack remotely. The exploit has been...
Mobile Security Framework Code Issue Vulnerability
Mobile Security Framework (MobSF) is an automated, all-in-one, open source mobile application framework from Mobile Security Framework. Used for penetration testing, malware analysis and security assessments, it is capable of performing both static and dynamic analysis. A code issue vulnerability exists in Mobil...
OpenEMR Code Issue Vulnerability
OpenEMR is an open source medical management system from the OpenEMR community. The system can be used for medical practice management, electronic medical records, prescription writing, and medical billing requests. A code issue vulnerability exists in versions prior to OpenEMR 7.0.3.1 that stems...
youkefu Code Issue Vulnerability
youkefu is a customer service support application by the individual developer zhangyanbo2007. A code issue vulnerability exists in youkefu version 4.2.0, which stems from an incorrect manipulation of the parameter url that can lead to server-side request forgery...
The vulnerability of the Kylin data processing platform, related to insufficient validation of incoming requests, allows a hacker to execute an SSRF attack.
The vulnerability of the Kylin data processing platform is related to insufficient validation of incoming requests during the processing of the final endpoint /kylin/api/xxx/diag. Exploiting this vulnerability allows a remote attacker to perform an SSRF attack...
Server-side Request Forgery (SSRF)
Overview: shopxo/shopxo is an e-commerce system. Affected versions of this package are vulnerable to Server-side Request Forgery (SSRF) via the Email Settings. An attacker can manipulate the server into making requests to unintended locations by sending crafted inputs to the affected settings...
Server-side Request Forgery (SSRF)
Overview: shopxo/shopxo is an e-commerce system. Affected versions of this package are vulnerable to Server-side Request Forgery (SSRF) via the image upload function. An attacker can manipulate the server into making unintended requests by supplying malicious URLs or inputs. Remediation: There is no...
WordPress WP Compress for MainWP plugin <= 6.30.03 - Server Side Request Forgery (SSRF) vulnerability
Server Side Request Forgery (SSRF) vulnerability discovered by theviper17 in WordPress Plugin WP Compress for MainWP versions <= 6.30.03...
CSS Validator Security Vulnerability
CSS Validator is a CSS (Cascading Style Sheets) validation program from the World Wide Web Consortium (W3C). A security vulnerability exists in CSS Validator versions prior to cssval-20250226, which stems from a vulnerability that allows an attacker to force a server-side request forgery using a...
maccms10 Security Vulnerability
maccms10 is an open source, full-featured rapid website building system from magicblack that runs in a PHP + MySQL environment. A security vulnerability exists in maccms10 version v2025.1000.4047, which originates from a server-side request forgery in the Scheduled Tasks feature...
ShopXO Security Vulnerability
ShopXO is an open source, enterprise-grade e-commerce system from ShopXO Inc. A security vulnerability exists in ShopXO version v6.4.0, which originates from a server-side request forgery in the image upload feature...
PT-2025-13590 · Shopxo · Shopxo
Name of the Vulnerable Software and Affected Versions: shopxo version 6.4.0. Description: The issue is related to an SSRF/XSS vulnerability in multiple places. Recommendations: For shopxo version 6.4.0, at the moment, there is no information about a newer version that contains a fix for this...
ShopXO Security Vulnerability
ShopXO is an open source, enterprise-grade e-commerce system from ShopXO Inc. A security vulnerability exists in ShopXO v6.4.0, which stems from the presence of server-side request forgery and cross-site scripting in multiple locations...