Lucene search
K

25502 matches found

Nuclei
Nuclei
added yesterday346 views

Wavemaker Studio 6.6 - Local File Inclusion/Server-Side Request Forgery

WaveMaker Studio 6.6 mishandles the studioService.download?method=getContent&inUrl= value in com/wavemaker/studio/StudioService.java, leading to disclosure of local files and server-side request forgery. id: CVE-2019-8982 info: name: Wavemaker Studio 6.6 - Local File Inclusion/Server-Side Request...

9.6CVSS7.2AI score0.25563EPSS
Exploits1References5
Nuclei
Nuclei
added yesterday113 views

WordPress PhonePe Payment Solutions <=1.0.15 - Server-Side Request Forgery

WordPress PhonePe Payment Solutions plugin through 1.0.15 is susceptible to server-side request forgery. An attacker can cause a website to execute website requests to an arbitrary domain, thereby making it possible to obtain sensitive information, modify data, and/or execute unauthorized...

7.5CVSS7.3AI score0.37673EPSS
Exploits0References4
Nuclei
Nuclei
added yesterday46 views

Radio Player <= 2.0.82 - Server-Side Request Forgery

The Radio Player Live Shoutcast, Icecast and Any Audio Stream Player for WordPress plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 2.0.82. This makes it possible for unauthenticated attackers to make web requests to arbitrary locations...

7.2CVSS7.2AI score0.05112EPSS
Exploits1References4
Nuclei
Nuclei
added yesterday15 views

Gradio - Server-Side Request Forgery

A Server-Side Request Forgery SSRF vulnerability exists in the gradio-app/gradio version 4.21.0, specifically within the /queue/join endpoint and the saveurltocache function. The vulnerability arises when the path value, obtained from the user and expected to be a URL, is used to make an HTTP...

8.6CVSS7.1AI score0.37366EPSS
Exploits1References2
Nuclei
Nuclei
added yesterday79 views

Apache HTTPd Windows UNC - Server-Side Request Forgery

SSRF in Apache HTTP Server on Windows allows to potentially leak NTML hashes to a malicious server via SSRF and malicious requests or content Users are recommended to upgrade to version 2.4.60 which fixes this issue. Note- Existing configurations that access UNC paths will have to configure new...

7.5CVSS6.7AI score0.6795EPSS
Exploits1References5
Nuclei
Nuclei
added yesterday16 views

LoLLMs WEBUI - Server-Side Request Forgery

LoLLMs WEBUI contains a server-side request forgery caused by unauthenticated access to the /api/proxy endpoint, letting attackers force the server to make arbitrary GET requests, exploit requires no authentication. id: CVE-2026-33340 info: name: LoLLMs WEBUI - Server-Side Request Forgery author:...

9.1CVSS6AI score0.21629EPSS
Exploits3References2
Nuclei
Nuclei
added yesterday13 views

WordPress Contact Form by Supsystic - Server-Side Template Injection

Contact Form by Supsystic WordPress plugin = 1.7.36 contains a server-side template injection caused by unsandboxed TwigLoaderString and cfsPreFill functionality, letting unauthenticated attackers execute arbitrary code remotely via GET parameters. id: CVE-2026-4257 info: name: WordPress Contact...

9.8CVSS6.3AI score0.41475EPSS
Exploits7References3
Nuclei
Nuclei
added yesterday14 views

Astro SSR - Server-Side Request Forgery

Astro before 5.17.3 and @astrojs/node before 9.5.4 are vulnerable to full-read SSRF due to improper Host header validation in error page rendering, allowing attackers to redirect requests and access internal resources. id: CVE-2026-25545 info: name: Astro SSR - Server-Side Request Forgery author:...

8.6CVSS5.9AI score0.01414EPSS
Exploits1References3
Nuclei
Nuclei
added yesterday14 views

Everest Forms Pro <= 1.9.12 - Unauthenticated RCE via Calculation Formula Injection

The Everest Forms Pro plugin for WordPress is vulnerable to Remote Code Execution via PHP Code Injection in all versions up to, and including, 1.9.12. This is due to the Calculation Addon's processfilter function concatenating user-submitted form field values into a PHP code string without proper...

9.8CVSS6.5AI score0.40992EPSS
Exploits1References4
Nuclei
Nuclei
added yesterday23 views

Qualitor <= v8.24 - Server-Side Request Forgery

Qualitor v8.24 was discovered to contain a Server-Side Request Forgery SSRF via the component /request/viewValidacao.php. id: CVE-2024-48360 info: name: Qualitor = v8.24 - Server-Side Request Forgery author: s4e-io severity: high description: | Qualitor v8.24 was discovered to contain a Server-Si...

7.5CVSS5.9AI score0.03905EPSS
Exploits3References3
Nuclei
Nuclei
added yesterday14 views

Cisco Finesse - Server-Side Request Forgery (SSRF)

Cisco Finesse contains an SSRF caused by insufficient validation of user-supplied input in HTTP requests, letting unauthenticated remote attackers access limited sensitive information, exploit requires sending crafted HTTP requests. id: CVE-2024-20404 info: name: Cisco Finesse - Server-Side Reque...

7.2CVSS7.1AI score0.231EPSS
Exploits1References2
Nuclei
Nuclei
added yesterday38 views

vRealize Operations Manager API - Server-Side Request Forgery

vRealize Operations Manager API is susceptible to server-side request forgery. A malicious actor with network access to the vRealize Operations Manager API can steal administrative credentials or trigger remote code execution using CVE-2021-21983. id: CVE-2021-21975 info: name: vRealize Operation...

8.5CVSS7.7AI score0.7829EPSS
Exploits12References3
EUVD
EUVD
added yesterday4 views

EUVD-2026-42054

Vtiger CRM through 8.4.0 contains an authenticated remote code execution vulnerability in the admin module import feature that allows administrator-level attackers to upload arbitrary PHP files by submitting a crafted zip archive through the ModuleManager import function, which extracts contents...

8.6CVSS6.7AI score
Exploits1References3
ATTACKERKB
ATTACKERKB
added yesterday4 views

CVE-2026-34170

Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.471, the GithubApp apiurl field is used as the base URL for server-side HTTP requests without allowlisting or private IP blocking, allowing an authenticated user to configure a...

4.3CVSS6AI score0.00171EPSS
Exploits0References2Affected Software1
CVE
CVE
added yesterday11 views

CVE-2026-34170

CVE-2026-34170 affects Coolify before 4.0.0-beta.471, where the GithubApp api_url field is used as the base URL for server-side HTTP requests without proper allowlisting or private IP blocking. An authenticated user can configure a GitHub App source that makes Coolify issue requests to internal s...

4.3CVSS6AI score0.00171EPSS
Exploits0References1
Cvelist
Cvelist
added yesterday19 views

CVE-2026-34170 Coolify: Server-Side Request Forgery via attacker-controlled GitHub App API URL

Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.471, the GithubApp apiurl field is used as the base URL for server-side HTTP requests without allowlisting or private IP blocking, allowing an authenticated user to configure a...

4.3CVSS0.00171EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added yesterday3 views

CVE-2026-42147

Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.474, S3 storage endpoint validation only checks URL format and testConnection sends a server-side request to the configured endpoint, allowing an authenticated user with storage...

4.9CVSS5.9AI score0.00255EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added yesterday19 views

CVE-2026-42147 Coolify: SSRF via S3 Storage Endpoint in testConnection()

Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.474, S3 storage endpoint validation only checks URL format and testConnection sends a server-side request to the configured endpoint, allowing an authenticated user with storage...

4.9CVSS0.00255EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2 days ago9 views

Dragonfly scheduler v1 and v2 gRPC unauthenticated SSRF via attacker-controlled PeerHost in DownloadTinyFile

Summary The Dragonfly scheduler's v1 gRPC service contains an unauthenticated Server-Side Request Forgery SSRF. When a peer reports a successful download of a TINY task, the scheduler calls Peer.DownloadTinyFile and issues an HTTP GET to a host and port taken verbatim from the attacker-controlled...

6.3AI score
Exploits0References11Affected Software1
OSV
OSV
added 2 days ago4 views

GHSA-CHWM-M7G7-685G Dragonfly scheduler v1 and v2 gRPC unauthenticated SSRF via attacker-controlled PeerHost in DownloadTinyFile

Summary The Dragonfly scheduler's v1 gRPC service contains an unauthenticated Server-Side Request Forgery SSRF. When a peer reports a successful download of a TINY task, the scheduler calls Peer.DownloadTinyFile and issues an HTTP GET to a host and port taken verbatim from the attacker-controlled...

6.9CVSS6.3AI score
Exploits0References11
Rows per page
Query Builder