Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

3 matches found

NVD
NVDadded 2018/04/10 3:29 p.m.10 views

CVE-2017-14611

SSRF Server Side Request Forgery in Cockpit 0.13.0 allows remote attackers to read arbitrary files or send TCP traffic to intranet hosts via the url parameter, related to use of the discontinued aheinze/fetchurlcontents component...

9.1CVSS9.2AI score0.00297EPSS
Exploits7References1
Veracode
Veracodeadded 2018/04/09 3:41 a.m.17 views

Sever Side Request Forgery (SSRF)

aheinze/cockpit is vulnerable to server side request forgery SSRF attacks. The attack is possible because it through the window.fetchurlcontents function, allowing a malicious user to read arbitrary files, scan network ports, carry out information detection and internal network server attacks...

9.1CVSS8.9AI score0.00297EPSS
Exploits7References2Affected Software1
0day.today
0day.todayadded 2018/04/08 12:0 a.m.67 views

Cockpit CMS 0.13.0 Server Side Request Forgery Vulnerability

Cockpit CMS version 0.13.0 suffers from a server-side request forgery vulnerability. SSRFPS"Server Side Request ForgeryPSc in Cockpit CMS 0.13.0 CVE-2017-14611 The Cockpit CMS is awesome if you need a flexible content structure but don't want to be limited in how to use the content. Product...

0.5AI score0.00297EPSS
Exploits7
Rows per page
Query Builder