31 matches found
CVE-2024-41813
txtdot is an HTTP proxy that parses only text, links, and pictures from pages, removing ads and heavy scripts. Starting in version 1.4.0 and prior to version 1.6.1, a Server-Side Request Forgery SSRF vulnerability in the /proxy route of txtdot allows remote attackers to use the server as a proxy ...
CVE-2024-41813 txtdot SSRF vulnerability in /proxy
txtdot is an HTTP proxy that parses only text, links, and pictures from pages, removing ads and heavy scripts. Starting in version 1.4.0 and prior to version 1.6.1, a Server-Side Request Forgery SSRF vulnerability in the /proxy route of txtdot allows remote attackers to use the server as a proxy ...
CVE-2024-41813 txtdot SSRF vulnerability in /proxy
txtdot is an HTTP proxy that parses only text, links, and pictures from pages, removing ads and heavy scripts. Starting in version 1.4.0 and prior to version 1.6.1, a Server-Side Request Forgery SSRF vulnerability in the /proxy route of txtdot allows remote attackers to use the server as a proxy ...
PT-2024-29580 · Txtdot · Txtdot
Name of the Vulnerable Software and Affected Versions: txtdot versions 1.4.0 through 1.6.0 Description: A Server-Side Request Forgery SSRF issue exists in the /proxy route, allowing remote attackers to send HTTP GET requests to arbitrary targets and retrieve internal network information...
Server Side Request Forgery (SSRF)
gradio is vulnerable to Server Side Request Forgery SSRF. The vulnerability is due to the /proxy route allowing users to proxy arbitrary URLs include potentially internal endpoints. Attackers can proxy arbitrary URLs by exploiting this vulnerability...
gradio Server-Side Request Forgery vulnerability
An SSRF vulnerability exists in the gradio-app/gradio due to insufficient validation of user-supplied URLs in the /proxy route. Attackers can exploit this vulnerability by manipulating the self.replicaurls set through the X-Direct-Url header in requests to the / and /config routes, allowing the...
PT-2024-19175
Name of the Vulnerable Software and Affected Versions gradio-app/gradio affected versions not specified Description A vulnerability exists due to insufficient validation of user-supplied URLs in the "/proxy" route. Attackers can exploit this by manipulating the self.replica urls set through the...
CVE-2022-22197
An Operation on a Resource after Expiration or Release vulnerability in the Routing Protocol Daemon RPD of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated network-based attacker with an established BGP session to cause a Denial of Service DoS. This issue occurs when...
Siren Investigate Cross-Site Request Forgery Vulnerability
Siren Investigate is a front-end to the Siren platform from Siren Ireland, allowing the creation of dashboards, charts, link analysis, alerts, etc. A cross-site request forgery vulnerability exists in versions of Siren Investigate prior to 11.1.1, which can be exploited by an attacker to specify...
CVE-2021-31216
Siren Investigate before 11.1.1 contains a server side request forgery SSRF defect in the built-in image proxy route which is enabled by default. An attacker with access to the Investigate installation can specify an arbitrary URL in the parameters of the image proxy route and fetch external URLs...
Server side request forgery (ssrf)
Siren Investigate before 11.1.1 contains a server side request forgery SSRF defect in the built-in image proxy route which is enabled by default. An attacker with access to the Investigate installation can specify an arbitrary URL in the parameters of the image proxy route and fetch external URLs...