Parallels Remote Application Server Information Disclosure Vulnerability

Parallels Remote Application Server RAS is an application delivery and VDI Virtual Desktop Infrastructure solution from Parallels, Inc. in the United States. A security vulnerability exists in Parallels Remote Application Server that allows a remote attacker to discover an intranet IP address...

Server Side Request Forgery (SSRF)

Wordpress is vulnerable to local server side request forgery SSRF attacks. The attacks are possible because the application ignores octal and hexadecimal IP address formats for intranet address, allowing attackers to escape the SSRF protection mechanism through malicious IP addresses...

CVE-2016-4029

WordPress before 4.5 does not consider octal and hexadecimal IP address formats when determining an intranet address, which allows remote attackers to bypass an intended SSRF protection mechanism via a crafted address...

DEBIAN-CVE-2016-4029

WordPress before 4.5 does not consider octal and hexadecimal IP address formats when determining an intranet address, which allows remote attackers to bypass an intended SSRF protection mechanism via a crafted address...

PT-2016-5814 · WordPress · Wordpress

Name of the Vulnerable Software and Affected Versions: WordPress versions prior to 4.5 Description: The issue allows remote attackers to bypass an intended SSRF protection mechanism via a crafted address, as WordPress does not consider octal and hexadecimal IP address formats when determining an...