343 matches found
httpd: mod_proxy: SSRF via a crafted request uri-path containing "unix:"
A Server-Side Request Forgery SSRF flaw was found in modproxy of httpd. This flaw allows a remote, unauthenticated attacker to make the httpd server forward requests to an arbitrary server. The attacker could get, modify, or delete resources on other services that may be behind a firewall and...
CVE-2021-34706
A vulnerability in the web-based management interface of Cisco Identity Services Engine ISE could allow an authenticated, remote attacker to access sensitive information or conduct a server-side request forgery SSRF attack through an affected device. This vulnerability is due to improper handling...
CVE-2021-22026
The vRealize Operations Manager API 8.x prior to 8.5 contains a Server Side Request Forgery in an end point. An unauthenticated malicious actor with network access to the vRealize Operations Manager API can perform a Server Side Request Forgery attack leading to information disclosure...
XStream: SSRF can be activated unmarshalling with XStream to access data streams from an arbitrary URL referencing a resource in an intranet or the local host
XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability which may allow a remote attacker to request data from internal resources that are not publicly available only by manipulating the processed input stream. No user is...
UBUNTU-CVE-2021-20280
Text-based feedback answers required additional sanitizing to prevent stored XSS and blind SSRF risks in moodle before 3.10.2, 3.9.5, 3.8.8, 3.5.17...
jenkins-2-plugins/subversion: XML parser is not preventing XML external entity (XXE) attacks
A flaw was found in the subversion Jenkins plugin. The XML parser is not properly configured to prevent XML external entity XXE attacks allowing an attacker the ability to control an agent process and have Jenkins parse a crafted changelog file that uses external entities for extraction of secret...
PT-2020-16409 · Medikoo · Uri.Js
Name of the Vulnerable Software and Affected Versions: URI.js versions prior to 1.19.4 Description: The hostname can be spoofed by using a backslash character followed by an at @ character. If the hostname is used in security decisions, the decision may be incorrect. Depending on library usage an...
CVE-2020-7740
This affects all versions of package node-pdf-generator. Due to lack of user input validation and sanitization done to the content given to node-pdf-generator, it is possible for an attacker to craft a url that will be passed to an external server allowing an SSRF attack...
CVE-2019-19835
SSRF in AjaxRestrictedCmdStat in zap in Ruckus Wireless Unleashed through 200.7.10.102.64 allows a remote denial of service via the server attribute to the tools/rcmdstat.jsp URI...
Apache Olingo SSRF Attack Vulnerability
Apache Olingo is a U.S. Apache Apache Software Foundation for the implementation of Open Data Protocol OData, Open Data Protocol Java library. Apache Olingo SSRF attack vulnerability can be exploited by an attacker to trick a client into connecting to a malicious server, then the server can cause...
CVE-2019-12852
An SSRF attack was possible on a JetBrains YouTrack server. The issue 1 of 2 was fixed in JetBrains YouTrack 2018.4.49168...
Multiple vulnerabilities in Cybozu Garoon
Overview Cybozu Garoon provided by Cybozu, Inc. contains multiple vulnerabilities listed below. Cross-site scripting in the additional processing of Customize Item function CWE-79 - CVE-2019-5928 Cross-site scripting in the application "Memo" CWE-79 - CVE-2019-5929 Browse restriction bypass in th...
The vulnerability of the MailConnect function in the software controller allows for an SSRF attack by the intruder, enabling them to carry out a malicious action. This vulnerability is present in the D-Link Central WiFi Manager, a device used for centralized control of wireless networks.
The vulnerability of the MailConnect function in the D-Link Central WiFi Manager software control panel exists due to insufficient checking of incoming requests. Exploiting this vulnerability allows a malicious actor to perform an SSRF attack remotely...
CloudBees Jenkins Crowd 2 Integration Plugin Server Request Forgery Vulnerability
CloudBees Jenkins formerly known as Hudson Labs is a set of Java-based continuous integration tools from CloudBees, Inc. It is mainly used to monitor continuous software version release/testing projects and some timed tasks.Crowd 2 Integration Plugin is used in which a Authentication Plugin. A...
CVE-2018-1000820
neo4j-contrib neo4j-apoc-procedures version before commit 45bc09c contains a XML External Entity XXE vulnerability in XML Parser that can result in Disclosure of confidential data, denial of service, SSRF, port scanning. This vulnerability appears to have been fixed in after commit 45bc09c...
CVE-2018-20228
Subsonic V6.1.5 allows internetRadioSettings.view streamUrl CSRF, with resultant SSRF...
CVE-2018-1000652
JabRef version =4.3.1 contains a XML External Entity XXE vulnerability in MsBibImporter XML Parser that can result in disclosure of confidential data, denial of service, server side request forgery, port scanning. This attack appear to be exploitable via Specially crafted MsBib file. This...
CVE-2018-12463
An XML external entity XXE vulnerability in Fortify Software Security Center SSC, version 17.1, 17.2, 18.1 allows remote unauthenticated users to read arbitrary files or conduct server-side request forgery SSRF attacks via a crafted DTD in an XML request...
CVE-2018-8939
An SSRF issue was discovered in NmAPI.exe in Ipswitch WhatsUp Gold before 2018 18.0. Malicious actors can submit specially crafted requests via the NmAPI executable to 1 gain unauthorized access to the WhatsUp Gold system, 2 obtain information about the WhatsUp Gold system, or 3 execute remote...
CVE-2017-16865
The Trello importer in Atlassian Jira before version 7.6.1 allows remote attackers to access the content of internal network resources via a Server Side Request Forgery SSRF. When running in an environment like Amazon EC2, this flaw maybe used to access to a metadata resource that provides access...