7213 matches found

ATTACKERKB
added 2022/06/09 2:15 p.m. · 3 views

CVE-2022-31827

MonstaFTP v2.10.3 was discovered to contain a Server-Side Request Forgery (SSRF) via the function performFetchRequest at HTTPFetcher.php...

CVSS 9.1 · AI score 5.3 · EPSS 0.19125
Exploits: 1 · References: 2
OSV
added 2022/06/09 2:15 p.m. · 1 view

CVE-2022-31827

MonstaFTP v2.10.3 was discovered to contain a Server-Side Request Forgery (SSRF) via the function performFetchRequest at HTTPFetcher.php...

CVSS 9.1 · AI score 5.8 · EPSS 0.19125
Exploits: 1 · References: 1
NVD
added 2022/06/09 2:15 p.m. · 29 views

CVE-2022-31827

MonstaFTP v2.10.3 was discovered to contain a Server-Side Request Forgery (SSRF) via the function performFetchRequest at HTTPFetcher.php...

CVSS 9.1 · EPSS 0.19125
Exploits: 1 · References: 1
CNNVD
added 2022/06/09 12:00 a.m. · 2 views

JIZHICMS code issue vulnerability

Extreme Networks Technology JIZHICMS (Extreme CMS) is an open source content management system (CMS) from China's Extreme Networks Technology Company. A security vulnerability exists in JIZHICMS version v2.2.5, which originated from a server-side request forgery (SSRF) vulnerability discovered through...

CVSS 9.1 · AI score 8.3 · EPSS 0.00935
Exploits: 1 · References: 2
CNNVD
added 2022/06/09 12:00 a.m. · 3 views

Monsta FTP code issue vulnerability

Monsta FTP is a modern web interface for FTP. A security vulnerability exists in Monsta FTP version v2.10.3, which stems from a server-side request forgery (SSRF) vulnerability discovered via the performFetchRequest function in HTTPFetcher.php...

CVSS 9.1 · AI score 8.2 · EPSS 0.19125
Exploits: 1 · References: 2
CNNVD
added 2022/06/09 12:00 a.m. · 3 views

Kity Minder code issue vulnerability

Baidu Kity Minder (Baidu Brain Map) is a handy thinking tool from Baidu, a Chinese company. A security vulnerability exists in Kity Minder v1.3.5, which was discovered via a server-side request forgery (SSRF) vulnerability in the init function in ImageCapture.class.php...

CVSS 9.1 · AI score 8.3 · EPSS 0.14619
Exploits: 1 · References: 2
ATTACKERKB
added 2022/06/06 9:15 p.m. · 1 view

CVE-2022-29631

Jodd HTTP v6.0.9 was discovered to contain multiple CRLF injection vulnerabilities via the components jodd.http.HttpRequestset and jodd.http.HttpRequestsend. These vulnerabilities allow attackers to execute Server-Side Request Forgery (SSRF) via a crafted TCP payload...

CVSS 7.5 · AI score 6 · EPSS 0.00939
Exploits: 1 · References: 3
Positive Technologies
added 2022/06/06 12:00 a.m. · 4 views

PT-2022-19738 · Jodd Http · Jodd Http

Name of the Vulnerable Software and Affected Versions: Jodd HTTP version 6.0.9. Description: The issue allows attackers to execute Server-Side Request Forgery (SSRF) via a crafted TCP payload, leveraging multiple CRLF injection vulnerabilities. These vulnerabilities are present in the components...

CVSS 7.5 · AI score 8 · EPSS 0.00939
Exploits: 1 · References: 11
CNNVD
added 2022/06/06 12:00 a.m. · 2 views

Jodd injection vulnerability

Jodd is a Java-based utility toolset. A security vulnerability exists in Jodd HTTP version v6.0.9, which stems from multiple Carriage Return Line Feed (CRLF) injection vulnerabilities discovered via the components jodd.http.HttpRequestset and jodd.http.HttpRequestsend. An attacker could exploit thi...

CVSS 7.5 · AI score 7.3 · EPSS 0.00939
Exploits: 1 · References: 3
ATTACKERKB
added 2022/06/01 6:15 a.m. · 3 views

CVE-2022-1285

Server-Side Request Forgery (SSRF) in GitHub repository gogs/gogs prior to 0.12.8...

CVSS 8.3 · AI score 6.9 · EPSS 0.01193
Exploits: 1 · References: 3
ATTACKERKB
added 2022/05/24 3:15 a.m. · 0 views

CVE-2022-29309

mysiteforme v2.2.1 was discovered to contain a Server-Side Request Forgery...

CVSS 7.5 · AI score 5.9 · EPSS 0.00865
Exploits: 1 · References: 2
OSV
added 2022/05/24 3:15 a.m. · 1 view

CVE-2022-29309

mysiteforme v2.2.1 was discovered to contain a Server-Side Request Forgery...

CVSS 7.5 · AI score 7.1 · EPSS 0.00865
Exploits: 1 · References: 1
Positive Technologies
added 2022/05/24 12:00 a.m. · 2 views

PT-2022-19532 · Unknown · Mysiteforme

Name of the Vulnerable Software and Affected Versions: mysiteforme version 2.2.1. Description: The issue is related to a Server-Side Request Forgery. Recommendations: For mysiteforme version 2.2.1, at the moment, there is no information about a newer version that contains a fix for this issue...

CVSS 7.5 · AI score 6.9 · EPSS 0.00865
Exploits: 1 · References: 5
ATTACKERKB
added 2022/05/23 2:16 p.m. · 2 views

CVE-2022-28997

CSZCMS v1.3.0 allows attackers to execute a Server-Side Request Forgery (SSRF) which can be leveraged to leak sensitive data via a local file inclusion at /admin/filemanager/connector/...

CVSS 7.5 · AI score 7.1 · EPSS 0.01944
Exploits: 1 · References: 6
ATTACKERKB
added 2022/05/20 1:15 p.m. · 2 views

CVE-2022-1784

Server-Side Request Forgery (SSRF) in GitHub repository jgraph/drawio prior to 18.0.8...

CVSS 7.5 · AI score 7.1 · EPSS 0.01686
Exploits: 1 · References: 3
CNNVD
added 2022/05/20 12:00 a.m. · 2 views

JGraph draw.io code issue vulnerability

JGraph draw.io is a configurable chart/whiteboard visualization application for JGraph. A security vulnerability exists in JGraph draw.io prior to version 18.0.0, which can be exploited by an attacker to cause server-side request forgery (SSRF)...

CVSS 7.5 · AI score 7.3 · EPSS 0.01686
Exploits: 1 · References: 4
CNNVD
added 2022/05/18 12:00 a.m. · 2 views

JGraph draw.io code issue vulnerability

JGraph draw.io is a configurable chart/whiteboard visualization application from JGraph. A security vulnerability exists in JGraph draw.io prior to version 18.0.7 that stems from the presence of server-side request forgery (SSRF)...

CVSS 7.5 · AI score 7.3 · EPSS 0.01698
Exploits: 1 · References: 3
ATTACKERKB
added 2022/05/17 9:15 p.m. · 2 views

CVE-2022-28616

A remote server-side request forgery (SSRF) vulnerability was discovered in HPE OneView versions prior to 7.0. HPE has provided a software update to resolve this vulnerability in HPE OneView...

CVSS 9.8 · AI score 7.2 · EPSS 0.01292
Exploits: 0 · References: 2
OSV
added 2022/05/17 3:15 p.m. · 0 views

CVE-2022-30972

A cross-site request forgery (CSRF) vulnerability in Jenkins Storable Configs Plugin 1.0 and earlier allows attackers to have Jenkins parse a local XML file (e.g., archived artifacts) that uses external entities for extraction of secrets from the Jenkins controller or server-side request forgery...

CVSS 8.8 · AI score 5.7
Exploits: 0 · References: 1
ATTACKERKB
added 2022/05/17 3:15 p.m. · 1 view

CVE-2022-30972

A cross-site request forgery (CSRF) vulnerability in Jenkins Storable Configs Plugin 1.0 and earlier allows attackers to have Jenkins parse a local XML file (e.g., archived artifacts) that uses external entities for extraction of secrets from the Jenkins controller or server-side request forgery...

CVSS 8.8 · AI score 7.2 · EPSS 0.00625
Exploits: 0 · References: 2