Lucene search
+L

4 matches found

Vulnrichment
Vulnrichment
added 2025/09/09 12:0 a.m.2 views

CVE-2025-44594

halo v2.20.17 and before is vulnerable to server-side request forgery SSRF in /apis/uc.api.storage.halo.run/v1alpha1/attachments/-/upload-from-url...

6.4AI score0.00348EPSS
Exploits0References1
CVE
CVE
added 2025/09/09 12:0 a.m.22 views

CVE-2025-44594

Halo v2.20.17 and earlier exposes a server‑side request forgery (SSRF) in the API endpoint /apis/uc.api.storage.halo.run/v1alpha1/attachments/-/upload-from-url. Multiple sources confirm the issue and classify CVSSv3.1 as CRITICAL (9.1) with network attack vector, no privileges required and no use...

9.1CVSS6.5AI score0.00348EPSS
Exploits0References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2021/09/07 7:15 p.m.3 views

CVE-2021-39195

Misskey is an open source, decentralized microblogging platform. In affected versions a Server-Side Request Forgery vulnerability exists in "Upload from URL" and remote attachment handling. This could result in the disclosure of non-public information within the internal network. This has been...

7.7CVSS6.6AI score0.01062EPSS
Exploits0References4Affected Software1
Positive Technologies
Positive Technologies
added 2019/12/30 12:0 a.m.11 views

PT-2019-14833

Name of the Vulnerable Software and Affected Versions Tiny File Manager versions prior to 2.3.9 Description The issue allows for remote code execution through the Upload from URL feature and the Edit/Rename files functionality. It affects only authenticated users. Recommendations For versions pri...

8.8CVSS8.9AI score0.01243EPSS
Exploits0References5
Rows per page
Query Builder