7218 matches found
InfoDoc Document On-line Submission and Approval System Code Issue Vulnerability
The InfoDoc Document On-line Submission and Approval System is an online submission and approval system for documents from InfoDoc, Inc. The InfoDoc Document On-line Submission and Approval System is vulnerable to a code issue that originates from a Server Request Forgery (SSRF) vulnerability in th...
CVE-2023-29260
IBM Sterling Connect:Express for UNIX 1.5 is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks. IBM X-Force ID: 252135...
PT-2023-22226 · Ibm · Ibm Sterling Connect:Express For Unix
Name of the Vulnerable Software and Affected Versions: IBM Sterling Connect:Express for UNIX version 1.5 Description: The issue allows an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks. This is due to ...
IBM Sterling Connect:Express for UNIX Code Issue Vulnerability
IBM Sterling Connect:Express for UNIX is a file transfer solution from International Business Machines (IBM) for the UNIX platform. A security vulnerability exists in IBM Sterling Connect Express for UNIX version 1.5 that stems from vulnerability to server-side request forgery (SSRF) attacks, which c...
OSNEXUS QuantaStor Code Issue Vulnerability
OSNEXUS QuantaStor is a unified software-defined storage platform from OSNEXUS Corporation. A code issue vulnerability exists in OSNEXUS QuantaStor versions prior to 6.0.0.355. An attacker could exploit this vulnerability to perform server-side request forgery (SSRF) attacks...
PT-2023-25307 · Dedecms · Dedecms
Name of the Vulnerable Software and Affected Versions: DedeCMS version 5.7.109 Description: A critical issue was found in DedeCMS, affecting an unknown functionality of the file co do.php. The manipulation of the rssurl argument leads to server-side request forgery. Recommendations: For DedeCMS...
CVE-2023-35175
Certain HP LaserJet Pro print products are potentially vulnerable to Potential Remote Code Execution and/or Elevation of Privilege via Server-Side Request Forgery (SSRF) using the Web Service Eventing model...
batik: Server-Side Request Forgery (SSRF) vulnerability
Server-Side Request Forgery (SSRF) vulnerability in Batik of Apache XML Graphics allows an attacker to access files using a Jar url. This issue affects Apache XML Graphics Batik 1.14...
batik: Server-Side Request Forgery
Server-Side Request Forgery (SSRF) vulnerability in Batik of Apache XML Graphics allows an attacker to load a url thru the jar protocol. This issue affects Apache XML Graphics Batik 1.14...
GHSA-FF3M-68VJ-H86P PlantUML Server-Side Request Forgery vulnerability
Server-Side Request Forgery (SSRF) in GitHub repository plantuml/plantuml prior to 1.2023.9...
DEBIAN-CVE-2023-3432
Server-Side Request Forgery (SSRF) in GitHub repository plantuml/plantuml prior to 1.2023.9...
UBUNTU-CVE-2023-3432
Server-Side Request Forgery (SSRF) in GitHub repository plantuml/plantuml prior to 1.2023.9...
PT-2023-24811 · Plantuml +1 · Plantuml +1
Name of the Vulnerable Software and Affected Versions: plantuml versions prior to 1.2023.9 Description: The issue is related to Server-Side Request Forgery (SSRF) in the GitHub repository plantuml/plantuml. Recommendations: For versions prior to 1.2023.9, update to version 1.2023.9 or later to...
BigBlueButton Code Issue Vulnerability
BigBlueButton is an open source web conferencing system from the BigBlueButton community. BigBlueButton has a code issue vulnerability that stems from the presence of a server-side request forgery (SSRF) vulnerability...
DEBIAN-CVE-2023-36661
Shibboleth XMLTooling before 3.2.4, as used in OpenSAML and Shibboleth Service Provider, allows SSRF via a crafted KeyInfo element. This is fixed in, for example, Shibboleth Service Provider 3.4.1.3 on Windows...
UBUNTU-CVE-2023-35133
An issue in the logic used to check 0.0.0.0 against the cURL blocked hosts lists resulted in an SSRF risk. This flaw affects Moodle versions 4.2, 4.1 to 4.1.3, 4.0 to 4.0.8, 3.11 to 3.11.14, 3.9 to 3.9.21 and earlier unsupported versions...
The vulnerability of the Magento Commerce software platform for developing and managing online stores stems from insufficient validation of incoming requests on the server side. This allows attackers to execute SSRF attacks.
The vulnerability of the software platform for developing and managing online stores Magento Commerce is related to insufficient validation of incoming requests on the server side. Exploiting this vulnerability allows a malicious actor to execute an SSRF attack remotely...
PT-2023-25664 · Shibboleth +3 · Shibboleth Xmltooling-C +4
Name of the Vulnerable Software and Affected Versions: Shibboleth XMLTooling versions prior to 3.2.4; Shibboleth Service Provider versions prior to 3.4.1.3 Description: The issue allows Server-Side Request Forgery (SSRF) via a crafted KeyInfo element. This can be exploited by manipulating the KeyInf...
CVE-2023-24243
CData RSB Connect v22.0.8336 was discovered to contain a Server-Side Request Forgery (SSRF)...
PT-2023-19496 · Cdata · Cdata Rsb Connect
Name of the Vulnerable Software and Affected Versions: CData RSB Connect version 22.0.8336 Description: A Server-Side Request Forgery (SSRF) issue was discovered. This issue allows an attacker to trick the server into making unintended requests, potentially leading to unauthorized access to sensiti...