Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

6 matches found

Veracode
Veracodeadded 2025/11/10 9:14 a.m.9 views

Server-Side Request Forgery (SSRF)

cors-anywhere is vulnerable to Server-Side Request Forgery SSRF. The vulnerability is due to instances being configured as open proxies that forward attacker-controlled target URLs, methods, and headers without restriction, which allows an attacker to induce requests to internal-only endpoints...

9.5CVSS7AI score0.01005EPSS
Exploits0References7Affected Software1
NVD
NVDadded 2024/03/12 12:15 a.m.11 views

CVE-2023-49785

NextChat, also known as ChatGPT-Next-Web, is a cross-platform chat user interface for use with ChatGPT. Versions 2.11.2 and prior are vulnerable to server-side request forgery and cross-site scripting. This vulnerability enables read access to internal HTTP endpoints but also write access using...

9.8CVSS8.9AI score0.83163EPSS
Exploits1References5
Vulnrichment
Vulnrichmentadded 2024/03/11 11:26 p.m.14 views

CVE-2023-49785 NextChat vulnerable to Server-Side Request Forgery and Cross-site Scripting

NextChat, also known as ChatGPT-Next-Web, is a cross-platform chat user interface for use with ChatGPT. Versions 2.11.2 and prior are vulnerable to server-side request forgery and cross-site scripting. This vulnerability enables read access to internal HTTP endpoints but also write access using...

9.1CVSS8.8AI score0.83163EPSS
Exploits1References2
MSRC
MSRCadded 2023/06/16 7:0 a.m.20 views

Microsoft Response to Layer 7 Distributed Denial of Service (DDoS) Attacks

Summary Summary Beginning in early June 2023, Microsoft identified surges in traffic against some services that temporarily impacted availability. Microsoft promptly opened an investigation and subsequently began tracking ongoing DDoS activity by the threat actor that Microsoft tracks as...

6.9AI score
Exploits0
MSRC
MSRCadded 2023/06/16 7:0 a.m.14 views

Microsoft Response to Layer 7 Distributed Denial of Service (DDoS) Attacks

Summary Beginning in early June 2023, Microsoft identified surges in traffic against some services that temporarily impacted availability. Microsoft promptly opened an investigation and subsequently began tracking ongoing DDoS activity by the threat actor that Microsoft tracks as Storm-1359. Thes...

7.2AI score
Exploits0
CNNVD
CNNVDadded 2021/09/22 12:0 a.m.3 views

WordPress 插件 代码问题漏洞

WordPress Plugin is an open source application plugin for WordPress. A code issue vulnerability exists in the WordPress plugin, which stems from a user-supplied URL request value being invoked by a curl request, making the Telefication plugin susceptible to open proxies and server-side request...

5.8CVSS5.9AI score0.01333EPSS
Exploits0References4
Rows per page
Query Builder