Lucene search
K

16 matches found

CVE
CVE
added 2026/06/15 12:0 a.m.15 views

CVE-2026-50888

The CVE-2026-50888 entry concerns an authenticated Server-Side Request Forgery (SSRF) in the custom scraper subsystem component of Benjamin Jonard Koillection v1.8.0. The underlying issue allows an authenticated attacker to cause the application to fetch internal resources by supplying a crafted ...

8.1CVSS5.3AI score0.00248EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/15 12:0 a.m.29 views

CVE-2026-50888

An authenticated Server-Side Request Forgery SSRF in the custom scraper subsystem component of Benjamin Jonard Koillection v1.8.0 allows attackers to scan internal resources via supplying a crafted URL...

0.00248EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/15 12:0 a.m.9 views

PT-2026-49328

Name of the Vulnerable Software and Affected Versions shlink version 5.0.1 Description A Server-Side Request Forgery SSRF exists in the automatic short URL title resolution component. This allows attackers to scan internal resources by providing a crafted longUrl variable. Recommendations At the...

9.1CVSS5.9AI score0.00287EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/15 12:0 a.m.8 views

PT-2026-49329

Name of the Vulnerable Software and Affected Versions Benjamin Jonard Koillection version 1.8.0 Description An authenticated Server-Side Request Forgery SSRF exists in the custom scraper subsystem component. This allows attackers to scan internal resources by supplying a crafted URL. SSRF is a fl...

8.1CVSS5.9AI score0.00248EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/06/15 12:0 a.m.27 views

CVE-2026-50887

A Server-Side Request Forgery SSRF in the automatic short URL title resolution component of shlink v5.0.1 allows attackers to scan internal resources via supplying a crafted longUrl...

0.00287EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:48 p.m.10 views

CVE-2026-36756

A Server-Side Request Forgery SSRF in the /plugins/-/install-from-uri endpoint of halo v2.22.14 allows authenticated attackers to scan internal resources via a crafted GET request...

5.4CVSS5.5AI score0.00143EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/04/30 12:0 a.m.7 views

PT-2026-36118

A Server-Side Request Forgery SSRF in the /themes/-/install-from-uri endpoint of halo v2.22.14 allows authenticated attackers to scan internal resources via a crafted GET request...

4.3CVSS5.2AI score0.00168EPSS
Exploits0References3
CVE
CVE
added 2026/04/30 12:0 a.m.13 views

CVE-2026-36759

The CVE-2026-36759 entry describes a Server-Side Request Forgery (SSRF) in halo v2.22.14 affecting the /themes/{name}/upgrade-from-uri endpoint. authenticated attackers can issue a crafted GET request to scan internal resources. The provided data includes CVSS v3.1 metrics (base score 6.5, MEDIUM...

6.5CVSS5.2AI score0.00209EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/04/30 12:0 a.m.3 views

CVE-2026-36757

A Server-Side Request Forgery SSRF in the /plugins/name/upgrade-from-uri endpoint of halo v2.22.14 allows authenticated attackers to scan internal resources via a crafted GET request...

4.3CVSS5.2AI score0.00172EPSS
Exploits0References3
EUVD
EUVD
added 2026/04/14 6:30 p.m.4 views

EUVD-2026-22298

A Server-Side Request Forgery SSRF in the /settings/webhooks/create component of Webkul Krayin CRM v2.2.x allows attackers to scan internal resources via supplying a crafted POST request...

8.5CVSS5.8AI score0.00249EPSS
Exploits1References3
Github Security Blog
Github Security Blog
added 2026/04/14 6:30 p.m.7 views

Webkul Krayin CRM has Server-Side Request Forgery (SSRF)

A Server-Side Request Forgery SSRF in the /settings/webhooks/create component of Webkul Krayin CRM v2.2.x allows attackers to scan internal resources via supplying a crafted POST request...

8.5CVSS5.8AI score0.00249EPSS
Exploits1References4Affected Software1
NVD
NVD
added 2026/04/14 4:16 p.m.4 views

CVE-2026-38527

A Server-Side Request Forgery SSRF in the /settings/webhooks/create component of Webkul Krayin CRM v2.2.x allows attackers to scan internal resources via supplying a crafted POST request...

8.5CVSS0.00249EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2026/04/14 12:0 a.m.7 views

PT-2026-32681

CVE-2026-38527 A Server-Side Request Forgery SSRF in the /settings/webhooks/create component of Webkul Krayin CRM v2.2.x allows attackers to scan internal resources via supplying … https://t.co/UnVbPvc3Tv...

8.5CVSS5.7AI score0.00249EPSS
Exploits1References5
NVD
NVD
added 2025/11/06 7:15 p.m.3 views

CVE-2025-60541

A Server-Side Request Forgery SSRF in the /api/proxy/ component of linshenkx prompt-optimizer v1.3.0 to v1.4.2 allows attackers to scan internal resources via a crafted request...

7.3CVSS0.00208EPSS
Exploits1References2
Cvelist
Cvelist
added 2025/11/06 12:0 a.m.9 views

CVE-2025-60541

A Server-Side Request Forgery SSRF in the /api/proxy/ component of linshenkx prompt-optimizer v1.3.0 to v1.4.2 allows attackers to scan internal resources via a crafted request...

0.00208EPSS
Exploits1References2
CNNVD
CNNVD
added 2025/11/06 12:0 a.m.3 views

Prompt Optimizer 安全漏洞

Prompt Optimizer is a prompt word optimizer by and Alchemy Time Personal Developer. A security vulnerability exists in Prompt Optimizer versions 1.3.0 through 1.4.2, which stems from a server-side request forgery in the /api/proxy component, which could allow an attacker to scan internal resource...

7.3CVSS6.7AI score0.00208EPSS
Exploits1References3
Rows per page
Query Builder