CVE-2025-50125

A CWE-918: Server-Side Request Forgery SSRF vulnerability exists that could cause unauthenticated remote code execution when the server is accessed via the network with knowledge of hidden URLs and manipulation of host request header...

CVE-2025-50125

CVE-2025-50125 affects Schneider Electric EcoStruxure IT Data Center Expert (DCE) up to version 8.3. A server-side request forgery (SSRF) vulnerability exists in the DCE web application that forwards HTTP requests based on the Host header for unauthenticated users, enabling an attacker to coerce ...

PT-2025-29226 · Apache · Apache

Name of the Vulnerable Software and Affected Versions: Apache affected versions not specified Description: A Server-Side Request Forgery SSRF vulnerability exists that could cause unauthenticated remote code execution when the server is accessed via the network with knowledge of hidden URLs and...

EndExt - Go Tool For Extracting All The Possible Endpoints From The JS Files

EndExt is a .go tool for extracting all the possible endpoints from the JS files Idea When you crawll all the JS files from waybackruls for example, or even collecting the JS files urls from your target website's home source page .. If the website was using API system and you wanna look for all t...

HP LaserJet Pro Printers remotely exploitable to gain unauthorized access to Wi-Fi and Printer Data

Do you own an HP printer? If so, it may be vulnerable to Hackers. Multiple HP LaserJet Pro Printers are printer vulnerable to hackers according to a new advisory posted by the vendor, dubbed as CVE-2013-4807 SSRT101181. Researcher 'Micha Sajdak' of Securitum.pl have found a security hole HP...