4 matches found
CVE-2026-42147
Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.474, S3 storage endpoint validation only checks URL format and testConnection sends a server-side request to the configured endpoint, allowing an authenticated user with storage...
CVE-2026-25084 ZLAN Information Technology ZLAN5143D Missing Authentication for Critical Function
Authentication for ZLAN5143D can be bypassed by directly accessing internal URLs...
CVE-2021-29954
Proxy functionality built into Hubs Cloud’s Reticulum software allowed access to internal URLs, including the metadata service. This vulnerability affects Hubs Cloud mozillareality/reticulum/1.0.1/20210428201255...
WordPress SSRF Vulnerability
WordPress is a blogging platform developed using the PHP language by the WordPress Software Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A security vulnerability exists in WordPress versions prior to 4.5, which stems from the program ignoring oct...