
Positive Technologies
added 2026/05/14 12:00 a.m. · 8 views

PT-2026-40964

Nextcloud News is an RSS/Atom feed reader. Prior to 28.3.0-beta.1, Nextcloud News allows authenticated users to add feeds by providing a feed URL via the web interface or the API. In affected versions, an authenticated attacker could provide a URL pointing to internal/private IP ranges or...

CVSS 2.3 · AI score 5.8 · EPSS 0.00043
Exploits 0 · References 2

OSV
added 2026/04/16 12:54 a.m. · 2 views

GHSA-GMWR-9J4P-96VM ProcessWire: server-side request forgery vulnerability in the admin panel's 'Add Module From URL' feature

ProcessWire CMS version 3.0.255 and prior contain a server-side request forgery vulnerability in the admin panel's 'Add Module From URL' feature that allows authenticated administrators to supply arbitrary URLs to the module download parameter, causing the server to issue outbound HTTP requests t...

CVSS 6.8 · AI score 5.9 · EPSS 0.00013
Exploits 0 · References 5

CVE
added 2026/04/13 8:32 p.m. · 7 views

CVE-2026-33659

EspoCRM 9.3.3 and earlier are affected by SSRF via POST /api/v1/Attachment/fromImageUrl (and fromImageUrl) due to a DNS rebinding (TOCTOU) flaw. Host validation uses dns_get_record(), but the actual HTTP request resolves with curl’s internal resolver (gethostbyname()), allowing mismatched IP look...

CVSS 3.5 · AI score 6.4 · EPSS 0.00057
Exploits 1 · References 3 · Affected Software 1

EUVD
added 2026/04/13 8:32 p.m. · 0 views

EUVD-2026-22083

EspoCRM is an open source customer relationship management application. In versions 9.3.3 and below, the POST /api/v1/Attachment/fromImageUrl endpoint is vulnerable to Server-Side Request Forgery (SSRF) via a DNS rebinding TOCTOU condition. Host validation uses dns_get_record(), but the actual HTTP...

CVSS 3.5 · AI score 6.4 · EPSS 0.00057
Exploits 1 · References 3

CVE
added 2026/02/12 8:34 p.m. · 8 views

CVE-2026-26005

CVE-2026-26005 affects ClipBucket v5 prior to 5.5.3; the Remote Play feature allows creating video entries that reference external video URLs without uploading files. If an attacker specifies an internal network host in the video URL, an SSRF is triggered, causing GET requests to internal servers...

CVSS 5 · AI score 5.6 · EPSS 0.0004
Exploits 1 · References 2 · Affected Software 1

CNNVD
added 2026/02/10 12:00 a.m. · 5 views

DoraCMS code issue vulnerability

DoraCMS is an open-source application developed by DoraCMS. It is a content management system built using Node.js, eggjs, and MongoDB. Versions of DoraCMS 3.1 and earlier have code vulnerabilities. These vulnerabilities stem from the UEditor’s remote image retrieval feature, which involves...

CVSS 6.9 · AI score 5.9 · EPSS 0.00013
Exploits 0 · References 3

CVE
added 2026/01/07 5:16 p.m. · 6 views

CVE-2025-58441

Knowage (open source analytics/BI suite) prior to version 8.1.37 is affected by a blind server-side request forgery (SSRF). The issue allows an attacker to send requests to arbitrary hosts/paths, but cannot read responses, limiting direct impact. However, it could be used to scan internal network...

CVSS 6.5 · AI score 6.5 · EPSS 0.00032
Exploits 0 · References 1 · Affected Software 1

EUVD
added 2025/10/03 8:07 p.m. · 2 views

EUVD-2025-26348

Malicious code in bioql PyPI...

CVSS 5.3 · AI score 6.5 · EPSS 0.00043
Exploits 0 · References 1

Positive Technologies
added 2025/09/01 12:00 a.m. · 2 views

PT-2025-35494

Name of the Vulnerable Software and Affected Versions: Knowage versions prior to 8.1.37 Description: Knowage is vulnerable to server-side request forgery. The vulnerability allows attackers to send requests to arbitrary hosts/paths. The impact of this vulnerability is limited as attackers cannot...

CVSS 5.3 · AI score 6.5 · EPSS 0.00043
Exploits 0 · References 5

Github Security Blog
added 2024/11/26 3:39 p.m. · 22 views

@lobehub/chat Server Side Request Forgery vulnerability

Summary: lobe-chat before 1.19.13 has an unauthorized SSRF vulnerability. An attacker can construct malicious requests to cause SSRF without logging in, attack intranet services, and leak sensitive information. Details: visit https://chat-preview.lobehub.com/, click Settings - LLM - OpenAI, fill in the...

CVSS 8.6 · AI score 6.3 · EPSS 0.03119
Exploits 1 · References 4 · Affected Software 1

Positive Technologies
added 2021/05/14 12:00 a.m. · 2 views

PT-2021-3989 · WordPress · Rsvpmaker

Name of the Vulnerable Software and Affected Versions: RSVPMaker WordPress plugin versions prior to 8.7.3 Description: The issue is related to the Import feature of the RSVPMaker WordPress plugin, specifically with the "/wp-admin/tools.php?page=rsvpmaker export screen" endpoint. It is caused by...

CVSS 9.3 · AI score 3.6 · EPSS 0.00224
Exploits 2 · References 8

OSV
added 2021/03/31 2:15 p.m. · 1 view

DEBIAN-CVE-2021-23982

Using techniques that built on the slipstream research, a malicious webpage could have scanned both an internal network's hosts as well as services running on the user's local machine utilizing WebRTC connections. This vulnerability affects Firefox ESR 78.9, Firefox 87, and Thunderbird 78.9...

CVSS 6.5 · AI score 7.1 · EPSS 0.00163
Exploits 0 · References 1

OSV
added 2021/03/24 12:00 a.m. · 2 views

UBUNTU-CVE-2021-23982

Using techniques that built on the slipstream research, a malicious webpage could have scanned both an internal network's hosts as well as services running on the user's local machine utilizing WebRTC connections. This vulnerability affects Firefox ESR 78.9, Firefox 87, and Thunderbird 78.9...

CVSS 6.5 · AI score 6.9 · EPSS 0.00163
Exploits 0 · References 8

CNVD
added 2020/10/28 12:00 a.m. · 2 views

SAP BusinessObjects Business Intelligence Platform Cross-Site Request Forgery Vulnerability

SAP BusinessObjects Business Intelligence Platform is a suite of business intelligence software and enterprise performance solutions from SAP. The product has report generation, analysis, data visualization and other functions. A cross-site request forgery vulnerability exists in SAP...

CVSS 5.3 · AI score 7.1 · EPSS 0.82056
Exploits 3 · References 1

GithubExploit
added 2020/07/22 11:30 p.m. · 6 views

Exploit for Server-Side Request Forgery in Emby

msfemby: This tool will check a remote EMBY server to attempt...

CVSS 9.8 · AI score 7.5 · EPSS 0.91735
Exploits 4

n0where
added 2016/05/11 11:43 p.m. · 14 views

DNS reconnaissance tool: Fierce

Fierce is a DNS reconnaissance tool for locating non-contiguous IP space. Fierce is a semi-lightweight scanner that helps locate non-contiguous IP space and hostnames against specified domains. It's really meant as a precursor to nmap, unicornscan, nessus, nikto, etc., since all of those require...

Exploits 0 · References 1

CVE
added 2010/06/22 5:00 p.m. · 101 views

CVE-2010-1637

CVE-2010-1637 affects SquirrelMail up to version 1.4.20 with the Mail Fetch plugin. The vulnerability allows remote authenticated users to bypass firewall rules and proxy through a modified POP3 port to scan internal networks. The documented impact is limited to port-scanning capability via the M...

CVSS 6.5 · AI score 5.9 · EPSS 0.00525
Exploits 0 · References 20 · Affected Software 1

Positive Technologies
added 2010/06/22 12:00 a.m. · 3 views

PT-2010-3300 · Horde · Horde Imp

Name of the Vulnerable Software and Affected Versions: Horde IMP plugin affected versions not specified Description: The issue allows remote attackers to bypass firewall restrictions and use Horde as a proxy to scan internal networks via a crafted request to an unspecified test script. This is on...

CVSS 5 · AI score 6.3 · EPSS 0.00207
Exploits 0 · References 4