PT-2024-15454 · Youke365 · Youke365
Name of the Vulnerable Software and Affected Versions: Youke365 versions up to 1.5.3 Description: A critical issue was found in the Parameter Handler component, specifically in the file /app/api/controller/caiji.php. The manipulation of the url argument leads to server-side request forgery,...
GHSA-HR2C-P8RH-238H Apache Axis Improper Input Validation vulnerability
UNSUPPORTED WHEN ASSIGNED Improper Input Validation vulnerability in Apache Axis allowed users with access to the admin service to perform possible SSRF. This issue affects Apache Axis through 1.3. As Axis 1 has been EOL, we recommend you migrate to a different SOAP engine, such as Apache Axis...
DEBIAN-CVE-2023-51441
UNSUPPORTED WHEN ASSIGNED Improper Input Validation vulnerability in Apache Axis allowed users with access to the admin service to perform possible SSRF. This issue affects Apache Axis: through 1.3. As Axis 1 has been EOL, we recommend you migrate to a different SOAP engine, such as Apache Axis...
PT-2024-18992 · D-Tale · D-Tale
Name of the Vulnerable Software and Affected Versions: D-Tale versions prior to 3.9.0 Description: D-Tale is a visualizer for Pandas data structures. Users hosting versions prior to 3.9.0 publicly can be vulnerable to server-side request forgery (SSRF), allowing attackers to access files on the...
GHSA-FWVG-2739-22V7 Miniflare vulnerable to Server-Side Request Forgery (SSRF)
Impact: Sending specially crafted HTTP requests to Miniflare's server could result in arbitrary HTTP and WebSocket requests being sent from the server. If Miniflare was configured to listen on external network interfaces (as was the default in wrangler until 3.19.0), an attacker on the local network...
CVE-2023-51676
Server-Side Request Forgery (SSRF) vulnerability in Leevio Happy Addons for Elementor. This issue affects Happy Addons for Elementor: from n/a through 3.9.1.1...
PT-2023-31879 · Leevio · Leevio Happy Addons For Elementor
Name of the Vulnerable Software and Affected Versions: Leevio Happy Addons for Elementor versions 3.9.1.1 and earlier Description: A Server-Side Request Forgery (SSRF) issue affects Leevio Happy Addons for Elementor. This issue allows an attacker to forge requests to servers, potentially leading to...
Apache OFBiz Code Issue Vulnerability
Apache OFBiz is an enterprise resource planning (ERP) system from the Apache Foundation (United States). The system provides a set of Java-based web application components and tools. Apache OFBiz suffers from a server-side request forgery vulnerability that can be exploited by an attacker ...
PT-2023-8030 · Apache · Apache Ofbiz
Name of the Vulnerable Software and Affected Versions: Apache OFBiz versions prior to 18.12.11 Description: The issue is related to insufficient validation of incoming requests, allowing a remote attacker to perform a Server-Side Request Forgery (SSRF) attack by sending a specially crafted HTTP...
Medusa Code Issues Vulnerabilities
Medusa is pyMedusa's open-source automated video library manager for television programs. Versions of Medusa prior to 1.0.19 contain a code issue vulnerability that stems from susceptibility to unauthenticated blind server-side request forgery (SSRF)...
PT-2023-31833 · Gradio · Gradio
Name of the Vulnerable Software and Affected Versions: Gradio versions prior to 4.11.0 Description: The issue concerns a vulnerability in the /file route of Gradio, making it susceptible to file traversal attacks. An attacker could access arbitrary files on a machine running a Gradio app with a...
PT-2023-32845 · Automad · Automad
Name of the Vulnerable Software and Affected Versions: automad versions up to 1.10.9 Description: A critical issue affects the import function in the FileController.php file, where the manipulation of the importUrl argument leads to server-side request forgery. This can be initiated remotely and...
A vulnerability in the Static Handler component of Echo, a web framework for building scalable, high-performance web applications, allows an attacker to perform an SSRF attack.
The vulnerability in the Static Handler component of Echo, a web framework for building scalable, high-performance web applications, involves URL redirection to an untrusted site. Exploiting this vulnerability can enable a remote attacker to perform an SSRF attack...
CVE-2023-46262
An unauthenticated attacker could send a specially crafted web request causing a Server-Side Request Forgery (SSRF) in Ivanti Avalanche Remote Control server...
PT-2023-13784 · WordPress · Givewp
Name of the Vulnerable Software and Affected Versions: GiveWP – Donation Plugin and Fundraising Platform versions through 2.25.1 Description: A Server-Side Request Forgery (SSRF) issue affects the GiveWP – Donation Plugin and Fundraising Platform. This allows an attacker to trick the server into...
KodExplorer Code Issue Vulnerability
KodExplorer is a web file manager by the individual developer warlee. A code issue vulnerability exists in KodExplorer version 4.51.03, which stems from a manipulation that can lead to server-side request forgery...
kodbox Code Issues Vulnerabilities
kodbox is a network file manager. A code issue vulnerability exists in kalcaddle kodbox version 1.48, which stems from the fact that manipulation of parameter paths can lead to server-side request forgery...
PT-2023-32790 · Kodbox · Kodbox
Name of the Vulnerable Software and Affected Versions: kalcaddle kodbox versions up to 1.48 Description: A critical issue affects the function cover of the file plugins/fileThumb/app.php. The manipulation of the argument path leads to server-side request forgery. This issue can be exploited...
PT-2023-32793 · Kalcaddle · Kodexplorer
Name of the Vulnerable Software and Affected Versions: kalcaddle KodExplorer versions up to 4.51.03 Description: A critical vulnerability has been found in kalcaddle KodExplorer, affecting an unknown function of the file plugins/webodf/app.php. This issue leads to server-side request forgery and...