Clinical-Genomics Scout code issue vulnerability
Scout is a platform for analyzing VCFs and enabling collaboration to solve rare diseases faster. A security vulnerability exists in Clinical-Genomics Scout versions prior to 4.42 that stems from the presence of server-side request forgery in the application. An attacker exploiting this...
CVE-2022-28090
Jspxcms v10.2.0 allows attackers to execute a Server-Side Request Forgery (SSRF) via /cmscp/ext/collect/fetchurl.do?url=...
VulnCheck KEV: CVE-2021-21311
Adminer contains a server-side request forgery vulnerability that, when exploited, allows a remote attacker to obtain potentially sensitive information...
Jspxcms code issue vulnerability
Jspxcms is a scalable, enterprise-class open source web content management system (CMS) from China's Blue Intelligence Technology Company. Jspxcms version 10.2.0 has a security vulnerability; the vulnerability stems from the /cmscp/ext/collect/fetchurl.do?url=found th...
WordPress plugin HubSpot code issue vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The WordPress plugin is an application plugin. Versions of the WordPress HubSpot plugin prior to 8.8.15 are vulnerable to server-side request...
GeoServer code issue vulnerability
GeoServer is an open source software server written in Java. It allows users to share and edit geospatial data. A security vulnerability exists in GeoServer that originates from an option for setting up proxy hosts that allows SSRF. The following products and versions are affected: versions...
CVE-2022-24449
Solar appScreener through 3.10.4, when a valid license is not present, allows XXE and SSRF attacks via a crafted XML document...
CVE-2022-28117
A Server-Side Request Forgery (SSRF) in the feedparser class of Navigate CMS v2.9.4 allows remote attackers to force the application to make arbitrary requests via injection of arbitrary URLs into the feed parameter...
Solar appScreener code issue vulnerability
Solar appScreener is a static application security testing SAST tool from Solar appScreener, Inc. It is used to detect vulnerabilities and backdoors in binary and source code. A security vulnerability exists in Solar appScreener 3.10.4 and prior versions that originates from an XXE and SSRF attac...
CVE-2022-27469
Monstaftp v2.10.3 was discovered to allow attackers to execute Server-Side Request Forgery (SSRF)...
CVE-2022-27311
Gibbon v3.4.4 and below allows attackers to execute a Server-Side Request Forgery (SSRF) via a crafted URL...
JIZHICMS code issue vulnerability
JIZHICMS is an open source content management system (CMS) from China's JIZHICMS Network Technology Company. A security vulnerability exists in JIZHICMS v1.9.5, which originates from a server-side request forgery (SSRF) vulnerability in /admin.php/Plugins/update.html...
DEBIAN-CVE-2022-29153
HashiCorp Consul and Consul Enterprise up to 1.9.16, 1.10.9, and 1.11.4 may allow server side request forgery when the Consul client agent follows redirects returned by HTTP health check endpoints. Fixed in 1.9.17, 1.10.10, and 1.11.5...
UBUNTU-CVE-2022-29153
HashiCorp Consul and Consul Enterprise up to 1.9.16, 1.10.9, and 1.11.4 may allow server side request forgery when the Consul client agent follows redirects returned by HTTP health check endpoints. Fixed in 1.9.17, 1.10.10, and 1.11.5...
PT-2022-19418 · Hashicorp +3 · Hashicorp Consul +4
Name of the Vulnerable Software and Affected Versions: HashiCorp Consul and Consul Enterprise versions 1.9.16 and earlier, 1.10.9 and earlier, 1.11.4 and earlier
Description: A server-side request forgery issue may occur when the Consul client agent follows redirects returned by HTTP health check...
WordPress plugin EXMAGE code issue vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. WordPress plugin is an application plugin. A code issue vulnerability exists in the...
Chamilo LMS code issue vulnerability
Chamilo LMS is an open source online learning and collaboration system from the Chamilo Association that supports the creation of instructional content, remote training, and online question answering. The system supports the creation of instructional content, remote training and online question...
IBM Planning Analytics code issue vulnerability
IBM Planning Analytics is a business planning and analysis solution from IBM USA. IBM Planning Analytics is vulnerable to server-side request forgery, which can be exploited by attackers to cause network enumeration or facilitate other attacks...
The vulnerability of the corporate platform MS Teams, due to insufficient verification of incoming requests, allows a hacker to execute an SSRF attack.
The vulnerability of the corporate platform Microsoft Teams is related to insufficient verification of incoming requests. Exploiting this vulnerability allows a malicious actor to execute an SSRF attack remotely...