
7 matches found

Cvelist
added 2024/11/15 10:51 a.m. · 15 views

CVE-2021-3742 Server-Side Request Forgery (SSRF) in chatwoot/chatwoot

A Server-Side Request Forgery (SSRF) vulnerability was discovered in chatwoot/chatwoot, affecting all versions prior to 2.5.0. The vulnerability allows an attacker to upload an SVG file containing a malicious SSRF payload. When the SVG file is used as an avatar and opened in a new tab, it can trigg...

CVSS 7.9 · EPSS 0.00163
Exploits: 0 · References: 2
GithubExploit
added 2024/08/03 4:08 p.m. · 1471 views

Exploit for Server-Side Request Forgery in Apache Http_Server

It is an offensive tool for web applications. The repository app...

CVSS 7.5 · AI score 6.9 · EPSS 0.90555
Exploits: 1
OSV
added 2024/06/26 5:15 a.m. · 22 views

CVE-2024-34580

Apache XML Security for C++ through 2.0.4 implements the XML Signature Syntax and Processing (XMLDsig) specification without protection against an SSRF payload in a KeyInfo element. NOTE: the project disputes this CVE Record on the grounds that any vulnerabilities are the result of a failure to...

CVSS 8.2 · AI score 7.7 · EPSS 0.94319
Exploits: 5 · References: 7
Positive Technologies
added 2022/11/10 12:00 a.m. · 1 view

PT-2022-17659 · Bmc · Bmc Remedy

Name of the Vulnerable Software and Affected Versions: BMC Remedy versions prior to 22.1. Description: An issue was discovered in BMC Remedy where Email-based Incident Forwarding allows remote authenticated users to inject HTML, such as an SSRF payload, into the Activity Log by placing it in the T...

CVSS 5.4 · AI score 5.3 · EPSS 0.00404
Exploits: 3 · References: 7
CVE
added 2022/11/10 12:00 a.m. · 53 views

CVE-2022-26088

CVE-2022-26088 affects BMC Remedy ITSM Suite prior to 22.1. Email-based Incident Forwarding can let remote authenticated users inject HTML (including SSRF payloads) into the Activity Log by placing content in the To: field, influencing rendering when the number of recipients is clicked. The vulne...

CVSS 5.4 · AI score 5.2 · EPSS 0.00404
Exploits: 3 · References: 3 · Affected Software: 1
Hacker One
added 2020/06/03 4:59 p.m. · 97 views

h1-ctf: [H1-2006 2020] "Swiss Cheese" design style leads to helping Mårten Mickos pay poor hackers

Summary: Several vulnerabilities in the bountypay application lead to unauthorised access, information disclosure, SSRF and other fun stuff. Steps To Reproduce: This is how I helped Mårten Mickos pay the poor hackers who had been waiting so long for their bounties. First part: Web I started by...

AI score 6.5
Exploits: 0
Hacker One
added 2020/04/21 2:56 p.m. · 81 views

GitLab: Injection of `http.<url>.*` git config settings leading to SSRF

Summary: When importing a repo with credentials via a URL, gitaly generates the git clone command with a -c flag to add the Authorization header: https://gitlab.com/gitlab-org/gitaly/-/blob/master/internal/service/repository/createfromurl.goL37 go flags = appendflags, git.ValueFlagName: "-c", Value:...

AI score 0.4
Exploits: 0