Lucene search

9 matches found

Exploit DB
added 2026/04/06 12:0 a.m., 116 views

is-localhost-ip 2.0.0 - SSRF

Titles: is-localhost-ip 2.0.0 - SSRF
Author: nu11secur1ty
Date: 11/09/2025
Vendor: https://github.com/tinovyatkin/is-localhost-ip
Software: https://github.com/tinovyatkin/is-localhost-ip/releases/tag/v2.0.0
Reference: https://portswigger.net/web-security/ssrf
Description: SSRF PoC — Professional...

6.9 CVSS, 5.9 AI score, 0.00357 EPSS
Exploits: 2
EUVD
added 2025/10/07 12:30 a.m., 4 views

EUVD-2019-3810

Malware in sbrugna...

8.8 CVSS, 8.8 AI score, 0.01068 EPSS
Exploits: 0, References: 2
RedhatCVE
added 2025/05/22 6:21 a.m., 4 views

CVE-2019-12161

WPO WebPageTest 19.04 allows SSRF because ValidateURL in www/runtest.php does not consider octal encoding of IP addresses such as 0300.0250 as a replacement for 192.168...

8.8 CVSS, 6.9 AI score, 0.01068 EPSS
Exploits: 0, References: 1
NVD
added 2019/05/17 7:29 p.m., 10 views

CVE-2019-12161

WPO WebPageTest 19.04 allows SSRF because ValidateURL in www/runtest.php does not consider octal encoding of IP addresses such as 0300.0250 as a replacement for 192.168...

8.8 CVSS, 8.7 AI score, 0.01068 EPSS
Exploits: 0, References: 1
Prion
added 2019/05/17 7:29 p.m., 13 views

Server side request forgery (ssrf)

WPO WebPageTest 19.04 allows SSRF because ValidateURL in www/runtest.php does not consider octal encoding of IP addresses such as 0300.0250 as a replacement for 192.168...

4 CVSS, 8.6 AI score, 0.01068 EPSS
Exploits: 0, References: 1, Affected Software: 1
Hacker One
added 2017/11/07 8:7 p.m., 18 views

AlienVault : SSRF bypass #2 (using octal encoding) on the https://www.threatcrowd.org/domain.php

Description: The latest SSRF fixes can be bypassed, using octal encoding of the AWS IP. There is another, more general bypass, which can't be fixed using blacklisting - it's reported in the 288183.
POC: https://www.threatcrowd.org/domain.php?domain=0251.00376.000251.0000376 F237500
Suggested fix: As wa...

6.6 AI score
Exploits: 0
securityvulns
added 2014/10/17 12:0 a.m., 50 views

Bypassing blacklists based on IPy

IPy is a Python "class and tools for handling of IPv4 and IPv6 addresses and networks" https://github.com/haypo/python-ipy. This library is sometimes used to implement blacklists forbidding internal, private or loopback addresses. Using octal encoding supported by urllib2, it is possible to bypas...

0.7 AI score
Exploits: 0
GitLab Advisory Database
added 2014/10/16 12:0 a.m., 11 views

Incomplete List of Disallowed Inputs

A flaw in the iptype function is triggered when handling octal encoding. This may allow a remote attacker to bypass the IP exclusion feature...

2.4 AI score
Exploits: 0, References: 2, Affected Software: 1
Packet Storm
added 2014/10/16 12:0 a.m., 24 views

IPy Blacklist Bypass

IPy is a Python "class and tools for handling of IPv4 and IPv6 addresses and networks" https://github.com/haypo/python-ipy. This library is sometimes used to implement blacklists forbidding internal, private or loopback addresses. Using octal encoding supported by urllib2, it is possible to bypas...

Exploits: 0