46 matches found
CVE-2024-12450
In infiniflow/ragflow versions 0.12.0, the webcrawl function in documentapp.py contains multiple vulnerabilities. The function does not filter URL parameters, allowing attackers to exploit Full Read SSRF by accessing internal network addresses and viewing their content through the generated PDF...
Azure Linux 3.0 Security Update: httpd (CVE-2024-38472)
The version of httpd installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-38472 advisory. - SSRF in Apache HTTP Server on Windows allows to potentially leak NTLM hashes to a malicious server via SSRF a...
Mitmweb API Authentication Bypass Using Proxy Server
Impact In mitmweb 11.1.0 and below, a malicious client can use mitmweb's proxy server bound to :8080 by default to access mitmweb's internal API bound to 127.0.0.1:8081 by default. In other words, while the client cannot access the API directly good, they can access the API through the proxy bad...
CVE-2024-42467
openHAB, a provider of open-source home automation software, has add-ons including the visualization add-on CometVisu. Prior to version 4.2.1, the proxy endpoint of openHAB's CometVisu add-on can be accessed without authentication. This proxy-feature can be exploited as Server-Side Request Forger...
Exploit for Server-Side Request Forgery in Microsoft
SSRF Exploit Script This repository contains a script designe...
Exploit for CVE-2024-34351
CVE-2024-34351 Exploit - CVE-2024-34351 PoChttps://github...
Exploit for Code Injection in Apache Ofbiz
Apache OFBiz Authentication Bypass Vulnerability CVE-2023-514...
JSM file_get_contents() Shortcode < 2.7.1 - Contributor+ SSRF
Description The plugin does not validate one of its shortcode's parameters before making a request to it, which could allow users with contributor role and above to perform SSRF attacks. wpfgc url="http://127.0.0.1:8084"...
Exploit for Server-Side Request Forgery in Resf Rocky_Linux
CVE-2021-40438 - Apache = 2.4.48 - SSRF Python exploit A craf...
Webedition CMS 2.9.8.8 Server-Side Request Forgery
Exploit Title: Webedition CMS v2.9.8.8 - Blind SSRF Application: Webedition CMS Version: v2.9.8.8 Bugs: Blind SSRF Technology: PHP Vendor URL: https://www.webedition.org/ Software Link: https://download.webedition.org/releases/OnlineInstaller.tgz?p=1 Date of found: 07.09.2023 Author: Mirabbas...
Design/Logic Flaw
GLPI stands for Gestionnaire Libre de Parc Informatique. GLPI is a Free Asset and IT Management Software package that provides ITIL Service Desk features, licenses tracking and software auditing. Usage of RSS feeds or an external calendar in planning is subject to SSRF exploit. In case a remote...
CVE-2022-39276 Blind Server-Side Request Forgery (SSRF) in RSS feeds and planning
GLPI stands for Gestionnaire Libre de Parc Informatique. GLPI is a Free Asset and IT Management Software package that provides ITIL Service Desk features, licenses tracking and software auditing. Usage of RSS feeds or an external calendar in planning is subject to SSRF exploit. In case a remote...
CVE-2022-39276
GLPI (Gestionnaire Libre de Parc Informatique) contains a SSRF-type issue in the planning features (RSS feeds or external calendar). If a remote script returns a redirect, the target URL isn’t checked against the administrator’s allow-list, enabling potential redirection-based access. This CVE (C...
CVE-2022-39276 Blind Server-Side Request Forgery (SSRF) in RSS feeds and planning
GLPI stands for Gestionnaire Libre de Parc Informatique. GLPI is a Free Asset and IT Management Software package that provides ITIL Service Desk features, licenses tracking and software auditing. Usage of RSS feeds or an external calendar in planning is subject to SSRF exploit. In case a remote...
CVE-2022-36112
GLPI stands for Gestionnaire Libre de Parc Informatique and is a Free Asset and IT Management Software package, that provides ITIL Service Desk features, licenses tracking and software auditing. Usage of RSS feeds or extenal calendar in planning is subject to SSRF exploit. Server-side requests ca...
CVE-2022-36112
GLPI (Gestionnaire Libre de Parc Informatique) contains a blind Server-Side Request Forgery (SSRF) vulnerability (CVE-2022-36112) affecting RSS feeds and planning features. The underlying issue allows server-side requests to be made from the GLPI server to internal ports/services on its private n...
Post SMTP < 2.1.7 - Admin+ Blind SSRF
The plugin does not have proper authorisation in some AJAX actions, which could allow high privilege users such as admin to perform blind SSRF on multisite installations for example. Navigate to https://example.com/wp-admin/admin.php?page=postman%2Fporttest Inside "Outgoing Mail Server Hostname"...
CVE-2022-0086 Server-Side Request Forgery (SSRF) in transloadit/uppy
uppy is vulnerable to Server-Side Request Forgery SSRF...
CKEditor 3 Server-Side Request Forgery
Exploit Title: CKEditor 3 - Server-Side Request Forgery SSRF Google Dorks : inurl /editor/filemanager/connectors/uploadtest.html Date: 12-6-2021 Exploit Author: Blackangel Software Link: https://ckeditor.com/ Version:all version under 4 1,2,3 Tested on: windows 7 Steps of Exploit:- 1-using google...
Exploit for Server-Side Request Forgery in F5 Big-Ip_Access_Policy_Manager
Vuln Impact This vulnerability allows for unauthenticated at...