Total: 2086 CVEs

| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 | Description |
|---|---|---|---|---|---|---|
| CVE-2024-12779 | 1 Infiniflow | 1 Ragflow | 2025-04-01 | N/A | 7.5 HIGH | A Server-Side Request Forgery (SSRF) vulnerability exists in infiniflow/ragflow version 0.12.0, in the `POST /v1/llm/add_llm` and `POST /v1/conversation/tts` endpoints. An attacker can specify an arbitrary URL as the `api_base` when adding an `OPENAITTS` model and then call the `tts` REST API endpoint to read the contents of that URL, gaining unauthorized access to internal web resources. |
| CVE-2024-8952 | 1 Composio | 1 Composio | 2025-04-01 | N/A | 7.5 HIGH | A Server-Side Request Forgery (SSRF) vulnerability exists in composiohq/composio version v0.4.2, specifically in the /api/actions/execute/WEBTOOL_SCRAPE_WEBSITE_CONTENT endpoint. It allows an attacker to read files, access AWS metadata, and interact with local services on the host. |
| CVE-2025-31527 | N/A | N/A | 2025-04-01 | N/A | 6.4 MEDIUM | Server-Side Request Forgery (SSRF) vulnerability in Kishan WP Link Preview. This issue affects WP Link Preview: from n/a through 1.4.1. |
| CVE-2025-31796 | N/A | N/A | 2025-04-01 | N/A | 5.4 MEDIUM | Server-Side Request Forgery (SSRF) vulnerability in TheInnovs Team ElementsCSS Addons for Elementor. This issue affects ElementsCSS Addons for Elementor: from n/a through 1.0.8.7. |
| CVE-2024-48590 | 1 Inflectra | 1 Spirateam | 2025-04-01 | N/A | 9.8 CRITICAL | Inflectra SpiraTeam 7.2.00 is vulnerable to Server-Side Request Forgery (SSRF) via the NewsReaderService, which allows an attacker to escalate privileges and obtain sensitive information. |
| CVE-2024-0677 | 1 Popozure | 1 Pz-linkcard | 2025-04-01 | N/A | 5.1 MEDIUM | The Pz-LinkCard WordPress plugin through 2.5.1 does not prevent users from pinging arbitrary hosts via some of its shortcodes, which could allow authenticated users such as contributors to perform SSRF attacks. |
| CVE-2022-46998 | 1 Taogogo | 1 Taocms | 2025-04-01 | N/A | 9.8 CRITICAL | An issue in the admin backend of taocms v3.0.2 allows attackers to perform Server-Side Request Forgery (SSRF). |
| CVE-2024-48944 | 1 Apache | 1 Kylin | 2025-04-01 | N/A | 6.5 MEDIUM | Server-Side Request Forgery (SSRF) vulnerability in Apache Kylin. Through a Kylin server, an attacker may forge a request that invokes the "/kylin/api/xxx/diag" API on another internal host and possibly obtain leaked information. There are two preconditions: 1) the attacker has admin access to a Kylin server; 2) another internal host has the "/kylin/api/xxx/diag" API endpoint open for service. This issue affects Apache Kylin from 5.0.0 through 5.0.1. Users are recommended to upgrade to version ... |
| CVE-2025-2835 | 1 Zhyd | 1 Oneblog | 2025-04-01 | 4.0 MEDIUM | 4.3 MEDIUM | A vulnerability classified as problematic was found in zhangyd-c OneBlog up to 2.3.9. Affected is the function autoLink of the file com/zyd/blog/controller/RestApiController.java; manipulation of its input leads to server-side request forgery. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. |
| CVE-2024-28668 | 1 Dedecms | 1 Dedecms | 2025-04-01 | N/A | 6.1 MEDIUM | DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via the component /dede/mychannel_add.php. |
| CVE-2024-44677 | 1 Eladmin | 1 Eladmin | 2025-03-31 | N/A | 9.8 CRITICAL | eladmin v2.7 and earlier is vulnerable to Server-Side Request Forgery (SSRF) via the DatabaseController.java component, which allows an attacker to execute arbitrary code. |
| CVE-2023-45705 | 1 Hcltech | 1 Bigfix Platform | 2025-03-28 | N/A | 3.5 LOW | An administrative user of WebReports may perform a Server-Side Request Forgery (SSRF) attack through the SMTP configuration options. |
| CVE-2025-31076 | N/A | N/A | 2025-03-28 | N/A | 4.9 MEDIUM | Server-Side Request Forgery (SSRF) vulnerability in WP Compress WP Compress for MainWP. This issue affects WP Compress for MainWP: from n/a through 6.30.03. |
| CVE-2024-44721 | 1 Seacms | 1 Seacms | 2025-03-28 | N/A | 9.8 CRITICAL | SeaCMS v13.1 was discovered to contain a Server-Side Request Forgery (SSRF) vulnerability via the url parameter at /admin_reslib.php. |
| CVE-2023-24623 | 1 Paranoidhttp Project | 1 Paranoidhttp | 2025-03-28 | N/A | 7.5 HIGH | Paranoidhttp before 0.3.0 allows SSRF because [::] (the IPv6 unspecified address) reaches the local host just as 127.0.0.1 does, but does not match the filter for private addresses. |
| CVE-2023-24622 | 1 Includesecurity | 1 Safeurl-python | 2025-03-28 | N/A | 5.3 MEDIUM | isInList in the safeurl-python package before 1.2 for Python uses an insufficiently restrictive regular expression for external domains, leading to SSRF. |
| CVE-2022-4335 | 1 Gitlab | 1 Gitlab | 2025-03-28 | N/A | 4.3 MEDIUM | A blind SSRF vulnerability was identified in all versions of GitLab EE prior to 15.4.6, 15.5 prior to 15.5.5, and 15.6 prior to 15.6.1 which allows an attacker to connect to a local host. |
| CVE-2022-4201 | 1 Gitlab | 1 Gitlab | 2025-03-27 | N/A | 3.5 LOW | A blind SSRF in GitLab CE/EE affecting all versions from 11.3 prior to 15.4.6, 15.5 prior to 15.5.5, and 15.6 prior to 15.6.1 allows an attacker to connect to local addresses when configuring a malicious GitLab Runner. |
| CVE-2023-24495 | 1 Tenable | 1 Tenable.sc | 2025-03-27 | N/A | 6.5 MEDIUM | A Server-Side Request Forgery (SSRF) vulnerability exists in Tenable.sc due to improper validation of session and user-accessible input data. A privileged, authenticated remote attacker could interact with external and internal services covertly. |
| CVE-2023-24060 | 1 Havenweb | 1 Haven | 2025-03-27 | N/A | 5.0 MEDIUM | Haven 5d15944 allows Server-Side Request Forgery (SSRF) via the feed[url]= Feeds functionality. Authenticated users with the ability to create or add RSS feeds can supply an arbitrary hostname (or even the hostname of the Haven server itself). NOTE: this product has significant usage but does not have numbered releases; ordinary end users may typically use the master branch. |
| CVE-2022-37033 | 1 Dotcms | 1 Dotcms | 2025-03-27 | N/A | 6.5 MEDIUM | In dotCMS 5.x-22.06, TempFileAPI allows a user to create a temporary file based on a passed-in URL while attempting to block SSRF access to local IP addresses and private subnets. In resolving this URL, TempFileAPI follows any 302 redirects that the remote URL returns. Because the redirect target is not re-validated, TempFileAPI can be used to return data from local/private hosts that should not be reachable remotely. |
| CVE-2024-10207 | N/A | N/A | 2025-03-27 | N/A | N/A | A Server-Side Request Forgery vulnerability in the APROL Web Portal used in B&R APROL <4.4-00P5 may allow an authenticated network-based attacker to force the web server to request arbitrary URLs. |
| CVE-2024-10206 | N/A | N/A | 2025-03-27 | N/A | N/A | A Server-Side Request Forgery vulnerability in the APROL Web Portal used in B&R APROL <4.4-00P5 may allow an unauthenticated network-based attacker to force the web server to request arbitrary URLs. |
| CVE-2025-27406 | N/A | N/A | 2025-03-27 | N/A | 7.6 HIGH | Icinga Reporting is the central component for reporting-related functionality in the monitoring web frontend and framework Icinga Web 2. A vulnerability present in versions 0.10.0 through 1.0.2 allows setting up a template that embeds arbitrary JavaScript. This enables the attacker to act on behalf of the user if the template is previewed, and on behalf of the headless browser if a report using the template is printed to PDF. This issue has been resolved in version 1.0.3 of I ... |
| CVE-2024-13411 | N/A | N/A | 2025-03-27 | N/A | 6.4 MEDIUM | The Zapier for WordPress plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 1.5.1 via the updated_user() function. This makes it possible for authenticated attackers, with Subscriber-level access and above, to make web requests to arbitrary locations originating from the web application, which can be used to query and modify information from internal services. |
| CVE-2025-30914 | N/A | N/A | 2025-03-27 | N/A | 4.4 MEDIUM | Server-Side Request Forgery (SSRF) vulnerability in XpeedStudio Metform. This issue affects Metform: from n/a through 3.9.2. |
| CVE-2025-22672 | N/A | N/A | 2025-03-27 | N/A | 4.9 MEDIUM | Server-Side Request Forgery (SSRF) vulnerability in SuitePlugins Video & Photo Gallery for Ultimate Member. This issue affects Video & Photo Gallery for Ultimate Member: from n/a through 1.1.2. |
| CVE-2024-13923 | 1 Webtoffee | 1 Order Export & Order Import For Woocommerce | 2025-03-26 | N/A | 7.6 HIGH | The Order Export & Order Import for WooCommerce plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 2.6.0 via the validate_file() function. This makes it possible for authenticated attackers, with Administrator-level access and above, to make web requests to arbitrary locations originating from the web application, which can be used to query and modify information from internal services. |
| CVE-2024-40544 | 1 Publiccms | 1 Publiccms | 2025-03-26 | N/A | 8.8 HIGH | PublicCMS v4.0.202302.e was discovered to contain a Server-Side Request Forgery (SSRF) vulnerability via the component /admin/#maintenance_sysTask/edit. |
| CVE-2025-2691 | 1 Nossrf Project | 1 Nossrf | 2025-03-26 | N/A | 8.2 HIGH | Versions of the package nossrf before 1.0.4 are vulnerable to Server-Side Request Forgery (SSRF): an attacker can provide a hostname that resolves to a local or reserved IP address and so bypass the SSRF protection mechanism. |
| CVE-2024-22217 | 1 Terminalfour | 1 Terminalfour | 2025-03-24 | N/A | 6.5 MEDIUM | A Server-Side Request Forgery (SSRF) vulnerability in Terminalfour before 8.3.19 allows authenticated users to use specific features to access internal services, including sensitive information on the server that Terminalfour runs on. |
| CVE-2024-45317 | N/A | N/A | 2025-03-22 | N/A | 7.5 HIGH | A Server-Side Request Forgery (SSRF) vulnerability in SMA1000 appliance firmware versions 12.4.3-02676 and earlier allows a remote, unauthenticated attacker to cause the SMA1000 server-side application to make requests to an unintended IP address. |
| CVE-2024-13856 | N/A | N/A | 2025-03-22 | N/A | 6.4 MEDIUM | The Your Friendly Drag and Drop Page Builder — Make Builder plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 1.1.10 via the make_builder_ajax_subscribe() function. This makes it possible for authenticated attackers, with Subscriber-level access and above, to make web requests to arbitrary locations originating from the web application, which can be used to query and modify information from internal services. |
| CVE-2024-10524 | N/A | N/A | 2025-03-21 | N/A | 6.5 MEDIUM | Applications that use Wget to access a remote resource using shorthand URLs and pass arbitrary user credentials in the URL are vulnerable. In these cases attackers can enter crafted credentials that cause Wget to access an arbitrary host. |
| CVE-2024-27564 | 1 Dirk1983 | 1 Chatgpt | 2025-03-20 | N/A | 5.8 MEDIUM | pictureproxy.php in the dirk1983 mm1.ltd source code f9f4bbc allows SSRF via the url parameter. NOTE: the references section has an archived copy of pictureproxy.php from its original GitHub location, but the repository name might later change because it is misleading. |
| CVE-2024-8099 | N/A | N/A | 2025-03-20 | N/A | 8.3 HIGH | A Server-Side Request Forgery (SSRF) vulnerability exists in the latest version of vanna-ai/vanna when using DuckDB as the database. An attacker can exploit it by submitting crafted SQL queries that use DuckDB's default functions, such as `read_csv`, `read_csv_auto`, `read_text`, and `read_blob`, to make unauthorized requests to internal or external resources. This can lead to unauthorized access to sensitive data and internal systems, and potentially to further attacks. |
| CVE-2024-10457 | N/A | N/A | 2025-03-20 | N/A | 6.5 MEDIUM | Multiple Server-Side Request Forgery (SSRF) vulnerabilities were identified in the significant-gravitas/autogpt repository, specifically in the GitHub Integration and Web Search blocks. These vulnerabilities affect version agpt-platform-beta-v0.1.1. The issues arise when block inputs are controlled by untrusted sources, leading to potential credential leakage, internal network scanning, and unauthorized access to internal services, APIs, or data stores. The affected blocks include GithubListPull ... |
| CVE-2024-32812 | 1 Podlove | 1 Podlove Podcast Publisher | 2025-03-19 | N/A | 5.4 MEDIUM | Server-Side Request Forgery (SSRF) vulnerability in Podlove Podlove Podcast Publisher. This issue affects Podlove Podcast Publisher: from n/a through 4.0.11. |
| CVE-2021-33926 | 1 Plone | 1 Plone | 2025-03-19 | N/A | 8.8 HIGH | An issue in Plone CMS v. 5.2.4, 5.2.3, 5.2.2, 5.2.1, 5.2.0, 5.1rc2, 5.1rc1, 5.1b4, 5.1b3, 5.1b2, 5.1a2, 5.1a1, 5.1.7, 5.1.6, 5.1.5, 5.1.4, 5.1.2, 5.1.1, 5.1, 5.0rc3, 5.0rc2, 5.0rc1, 5.0.9, 5.0.8, 5.0.7, 5.0.6, 5.0.5, 5.0.4, 5.0.3, 5.0.2, 5.0.10, 5.0.1, 5.0, 4.3.9, 4.3.8, 4.3.7, 4.3.6, 4.3.5, 4.3.4, 4.3.3, 4.3.20, 4 allows an attacker to access sensitive information via the RSS feed portlet. |
| CVE-2024-23788 | 1 Sharp | 4 Jh-rv11, Jh-rv11 Firmware, Jh-rvb1 and 1 more | 2025-03-19 | N/A | 8.1 HIGH | Server-side request forgery vulnerability in Energy Management Controller with Cloud Services JH-RVB1 / JH-RV11 Ver.B0.1.9.1 and earlier allows a network-adjacent unauthenticated attacker to send an arbitrary HTTP GET request from the affected product. |
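Four of the entries above describe the same class of mistake in an SSRF guard rather than a missing guard: Paranoidhttp (CVE-2023-24623) let the unspecified address [::] through a private-range filter, safeurl-python (CVE-2023-24622) matched external domains with an under-anchored regular expression, dotCMS (CVE-2022-37033) validated the first URL but not the 302 target it followed, and nossrf (CVE-2025-2691) trusted a hostname without checking what it resolved to. The following is an added example written for this page, not code from any of those projects, showing one validator that closes all four gaps. It assumes a hypothetical allowlist of `example.com` subdomains, a `fetch(url) -> (status, headers, body)` callable that does not follow redirects itself, and a constructed DNS table and response set inside `demo()` so that nothing on the network is contacted.

```python
import ipaddress
import re
import socket
from typing import Callable, Dict, List, Tuple
from urllib.parse import urlsplit

Resolver = Callable[[str], List[str]]
Fetcher = Callable[[str], Tuple[int, Dict[str, str], bytes]]

# Hypothetical allowlist for this example. Always use fullmatch: the same
# pattern with re.match also accepts "api.example.com.attacker.net".
ALLOWED_HOST_RE = re.compile(r"(?:[a-z0-9-]+\.)*example\.com", re.IGNORECASE)


def is_public_ip(addr: str) -> bool:
    """True only for globally routable addresses.

    is_global is False for loopback, RFC 1918, link-local (169.254.0.0/16,
    where cloud metadata lives), multicast, reserved, and the unspecified
    addresses 0.0.0.0 and :: that Paranoidhttp's private-range list missed.
    """
    ip = ipaddress.ip_address(addr)
    # Judge ::ffff:10.0.0.1 as 10.0.0.1, not as an unrelated IPv6 address.
    if isinstance(ip, ipaddress.IPv6Address) and ip.ipv4_mapped is not None:
        ip = ip.ipv4_mapped
    return ip.is_global


def system_resolver(host: str) -> List[str]:
    """Resolve through the OS; demo() substitutes a constructed table."""
    return sorted({info[4][0] for info in socket.getaddrinfo(host, None)})


def validate_url(url: str, resolver: Resolver = system_resolver) -> str:
    """Return the hostname if the URL may be fetched, else raise ValueError."""
    parts = urlsplit(url)
    if parts.scheme not in ("http", "https"):
        raise ValueError(f"scheme not allowed: {parts.scheme!r}")
    host = parts.hostname  # brackets and userinfo stripped, lowercased
    if not host:
        raise ValueError("missing host")
    try:
        literal = ipaddress.ip_address(host)
    except ValueError:
        literal = None
    if literal is not None:  # bare IP literal: check it directly
        if not is_public_ip(host):
            raise ValueError(f"non-public address literal: {host}")
        return host
    if not ALLOWED_HOST_RE.fullmatch(host):
        raise ValueError(f"host not on allowlist: {host}")
    # An allowlisted name may still resolve to 127.0.0.1 or a reserved range
    # (the nossrf gap): every record the resolver returns must be public.
    addrs = resolver(host)
    if not addrs:
        raise ValueError(f"host does not resolve: {host}")
    for addr in addrs:
        if not is_public_ip(addr):
            raise ValueError(f"{host} resolves to non-public {addr}")
    return host


def safe_fetch(url: str, fetch: Fetcher, resolver: Resolver = system_resolver,
               max_redirects: int = 3) -> Tuple[int, bytes]:
    """Follow redirects by hand so every hop is re-validated (the dotCMS gap)."""
    for _ in range(max_redirects + 1):
        validate_url(url, resolver)
        status, headers, body = fetch(url)
        if status not in (301, 302, 303, 307, 308):
            return status, body
        location = {k.lower(): v for k, v in headers.items()}.get("location")
        if not location:
            raise ValueError("redirect without a Location header")
        url = location  # checked by validate_url on the next pass
    raise ValueError("too many redirects")


def demo() -> Dict[str, str]:
    """Constructed DNS table and HTTP responses; no real hosts are contacted."""
    dns = {
        "api.example.com": ["93.184.216.34"],
        "rebind.example.com": ["93.184.216.34", "127.0.0.1"],  # one loopback record
    }

    def resolver(host: str) -> List[str]:
        return dns.get(host, [])

    def fetch(url: str) -> Tuple[int, Dict[str, str], bytes]:
        if url == "http://api.example.com/go":
            return 302, {"Location": "http://169.254.169.254/latest/meta-data/"}, b""
        return 200, {}, b"ok"

    def outcome(action: Callable[[], object]) -> str:
        try:
            action()
        except ValueError as err:
            return f"blocked: {err}"
        return "allowed"

    return {
        "ipv6_unspecified": outcome(lambda: validate_url("http://[::]/", resolver)),
        "loopback_record": outcome(lambda: validate_url("http://rebind.example.com/", resolver)),
        "suffix_trick": outcome(lambda: validate_url("http://api.example.com.attacker.net/", resolver)),
        "redirect_to_metadata": outcome(lambda: safe_fetch("http://api.example.com/go", fetch, resolver)),
        "clean": outcome(lambda: safe_fetch("http://api.example.com/data", fetch, resolver)),
    }
```

Running `demo()` blocks the first four cases and allows the last. Two design points matter in production: the resolver result used for the check must be the one the connection actually uses (pin the validated address when opening the socket, or DNS rebinding between check and connect reopens the nossrf gap), and the HTTP client must have automatic redirects disabled, since otherwise the re-validation loop in `safe_fetch` never sees the intermediate hops.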