7222 matches found
Server-Side Request Forgery (SSRF)
Overview: private-ip is a package that checks whether an IP address is private. Affected versions of this package are vulnerable to Server-Side Request Forgery (SSRF), where an attacker can provide an IP or hostname that resolves to a multicast IP address (224.0.0.0/4), which is not included as part of the private IP ranges ...
CVE-2025-1970
The Export and Import Users and Customers plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 2.6.2 via the validatefile function. This makes it possible for authenticated attackers, with Administrator-level access and above, to make web request...
WordPress plugin Export and Import Users and Customers Code Issue Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers. WordPress plugin is an application plugin. A code issue vulnerability exists in WordPress...
WordPress Make Builder plugin <= 1.1.10 - Authenticated (Subscriber+) Server-Side Request Forgery via make_builder_ajax_subscribe Function vulnerability
Authenticated (Subscriber+) Server-Side Request Forgery via make_builder_ajax_subscribe Function vulnerability discovered by Francesco Carlucci in WordPress Plugin Make Builder versions <= 1.1.10...
CVE-2024-48590
Inflectra SpiraTeam 7.2.00 is vulnerable to Server-Side Request Forgery (SSRF) via the NewsReaderService. This allows an attacker to escalate privileges and obtain sensitive information...
Server-side Request Forgery (SSRF)
Overview: Affected versions of this package are vulnerable to Server-side Request Forgery (SSRF) in the concatenateForRewrite method in JettyUtils when the management proxy is enabled, which it is in the default configuration. An attacker can manipulate the URL to redirect requests to an arbitrary...
GHSA-QVG9-VP87-H3HR composio Server-Side Request Forgery (SSRF) vulnerability
A Server-Side Request Forgery (SSRF) vulnerability exists in composiohq/composio version v0.4.2, specifically in the /api/actions/execute/WEBTOOL_SCRAPE_WEBSITE_CONTENT endpoint. This vulnerability allows an attacker to read files, access AWS metadata, and interact with local services on the system...
Server-side Request Forgery (SSRF)
Overview: composio-core is a core package that acts as a bridge between the composio platform and other services. Affected versions of this package are vulnerable to Server-side Request Forgery (SSRF) through the /api/actions/execute/WEBTOOL_SCRAPE_WEBSITE_CONTENT endpoint. An attacker with high privileges ca...
GHSA-H254-G997-685C FastChat Server-Side Request Forgery vulnerability
A Server-Side Request Forgery (SSRF) vulnerability exists in lm-sys/fastchat version 0.2.36. The vulnerability is present in the /queue/join? endpoint, where insufficient validation of the path parameter allows an attacker to send crafted requests. This can lead to unauthorized access to internal...
PYSEC-2025-98
A Server-Side Request Forgery (SSRF) vulnerability was discovered in gaizhenbiao/chuanhuchatgpt version 20240914. The vulnerability allows an attacker to construct a response link by saving the response in a folder named after the SHA-1 hash of the target URL. This enables the attacker to access th...
CVE-2024-12068
A Server-Side Request Forgery (SSRF) vulnerability was discovered in haotian-liu/llava, affecting version git c121f04. This vulnerability allows an attacker to make the server perform HTTP requests to arbitrary URLs, potentially accessing sensitive data that is only accessible from the server, such...
CVE-2024-12376
A Server-Side Request Forgery (SSRF) vulnerability was identified in the lm-sys/fastchat web server, specifically in the affected version git 2c68a13. This vulnerability allows an attacker to access internal server resources and data that are otherwise inaccessible, such as AWS metadata credentials...
CVE-2024-11603
A Server-Side Request Forgery (SSRF) vulnerability exists in lm-sys/fastchat version 0.2.36. The vulnerability is present in the /queue/join? endpoint, where insufficient validation of the path parameter allows an attacker to send crafted requests. This can lead to unauthorized access to internal...
GPT Academic Code Issue Vulnerability
GPT Academic is an interface that provides practical interactions for large language models (LLMs) such as GPT/GLM. GPT Academic suffers from a server-side request forgery vulnerability that can be exploited by an attacker to cause the application to access any URL, including internal services, and...
GPT Academic Security Vulnerability
GPT Academic is an interface that provides practical interactions for large language models (LLMs) such as GPT/GLM. A server-side request forgery vulnerability exists in the GPT Academic crazy_utils.get_files_from_everything function, which can be exploited by an attacker to gain unauthorized access to...
Apache Druid Code Issue Vulnerability
Apache Druid is an open source, column-oriented, distributed database written in the Java language from the Apache Foundation (USA). Apache Druid suffers from a code issue vulnerability that stems from server-side request forgery, cross-site scripting, and open redirects, which could lead to XSS or...
dify Code Issue Vulnerability
dify is an open source LLM application development platform from LangGenius. A code issue vulnerability exists in dify version 0.10.2: the Create Knowledge section is vulnerable to server-side request forgery when uploading DOCX files...
Composio Security Vulnerability
Composio is a production-ready toolset for AI agents, open-sourced by Composio. A security vulnerability exists in Composio version v0.4.2, which stems from the /api/actions/execute/WEBTOOL_SCRAPE_WEBSITE_CONTENT endpoint not validating user input, which could lead to a server-side request...
LLaVA Code Issue Vulnerability
LLaVA is an application by Haotian Liu, an individual developer. A code issue vulnerability exists in LLaVA v1.2.0, which stems from a server-side request forgery in the POST /worker_generate_stream API endpoint that could lead to unauthorized network operations...
Vanna Code Issue Vulnerability
Vanna is a personalized AI SQL agent from Vanna Inc. Vanna suffers from a code issue vulnerability that stems from a server-side request forgery when DuckDB is used as the database, which allows an attacker to make unauthorized requests by submitting specially crafted SQL queries...