Total
2086 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-23776 | 1 Winmail Project | 1 Winmail | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
A SSRF vulnerability exists in Winmail 6.5 in app.php in the key parameter when HTTPS is on. An attacker can use this vulnerability to cause the server to send a request to a specific URL. An attacker can modify the request header 'HOST' value to cause the server to send the request.
|
|||||
| CVE-2020-23622 | 1 Cling Project | 1 Cling | 2024-11-21 | N/A | 7.5 HIGH |
|
An issue in the UPnP protocol in 4thline cling 2.0.0 through 2.1.2 allows remote attackers to cause a denial of service via an unchecked CALLBACK parameter in the request header
|
|||||
| CVE-2020-23534 | 1 Masterlab | 1 Masterlab | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
A server-side request forgery (SSRF) vulnerability in Upgrade.php of gopeak masterlab 2.1.5, via the 'source' parameter.
|
|||||
| CVE-2020-23079 | 1 Halo | 1 Halo | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
SSRF vulnerability in Halo <=1.3.2 exists in the SMTP configuration, which can detect the server intranet.
|
|||||
| CVE-2020-22983 | 1 Microstrategy | 1 Microstrategy Web | 2024-11-21 | 5.8 MEDIUM | 8.1 HIGH |
|
A Server-Side Request Forgery (SSRF) vulnerability exists in MicroStrategy Web SDK 11.1 and earlier, allows remote unauthenticated attackers to conduct a server-side request forgery (SSRF) attack via the srcURL parameter to the shortURL task.
|
|||||
| CVE-2020-22002 | 1 Inim | 12 Smartliving 10100l, Smartliving 10100l Firmware, Smartliving 10100lg3 and 9 more | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
An Unauthenticated Server-Side Request Forgery (SSRF) vulnerability exists in Inim Electronics Smartliving SmartLAN/G/SI <=6.x within the GetImage functionality. The application parses user supplied data in the GET parameter 'host' to construct an image request to the service through onvif.cgi. Since no validation is carried out on the parameter, an attacker can specify an external domain and force the application to make an HTTP request to an arbitrary destination host.
|
|||||
| CVE-2020-21788 | 1 Crmeb | 1 Crmeb | 2024-11-21 | 4.0 MEDIUM | 4.3 MEDIUM |
|
In CRMEB 3.1.0+ strict domain name filtering leads to SSRF(Server-Side Request Forgery). The vulnerable code is in file /crmeb/app/admin/controller/store/CopyTaobao.php.
|
|||||
| CVE-2020-21653 | 1 Myucms Project | 1 Myucms | 2024-11-21 | 6.4 MEDIUM | 9.1 CRITICAL |
|
Myucms v2.2.1 contains a server-side request forgery (SSRF) in the component \controller\index.php, which can be exploited via the sj() method.
|
|||||
| CVE-2020-21649 | 1 Myucms Project | 1 Myucms | 2024-11-21 | 5.5 MEDIUM | 8.1 HIGH |
|
Myucms v2.2.1 contains a server-side request forgery (SSRF) in the component \controller\index.php, which can be exploited via the sql() method.
|
|||||
| CVE-2020-21122 | 1 Ureport Project | 1 Ureport | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
|
UReport v2.2.9 contains a Server-Side Request Forgery (SSRF) in the designer page which allows attackers to detect intranet device ports.
|
|||||
| CVE-2020-20582 | 1 Mipcms | 1 Mipcms | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
A server side request forgery (SSRF) vulnerability in /ApiAdminDomainSettings.php of MipCMS 5.0.1 allows attackers to access sensitive information.
|
|||||
| CVE-2020-20341 | 1 Yzmcms | 1 Yzmcms | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
YzmCMS v5.5 contains a server-side request forgery (SSRF) in the grab_image() function.
|
|||||
| CVE-2020-1925 | 1 Apache | 1 Olingo | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
Apache Olingo versions 4.0.0 to 4.7.0 provide the AsyncRequestWrapperImpl class which reads a URL from the Location header, and then sends a GET or DELETE request to this URL. It may allow to implement a SSRF attack. If an attacker tricks a client to connect to a malicious server, the server can make the client call any URL including internal resources which are not directly accessible by the attacker.
|
|||||
| CVE-2020-19613 | 1 Flycms Project | 1 Flycms | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
Server Side Request Forgery (SSRF) vulnerability in saveUrlAs function in ImagesService.java in sunkaifei FlyCMS version 20190503.
|
|||||
| CVE-2020-17513 | 1 Apache | 1 Airflow | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
|
In Apache Airflow versions prior to 1.10.13, the Charts and Query View of the old (Flask-admin based) UI were vulnerable for SSRF attack.
|
|||||
| CVE-2020-16248 | 1 Prometheus | 1 Blackbox Exporter | 2024-11-21 | 5.0 MEDIUM | 5.8 MEDIUM |
|
Prometheus Blackbox Exporter through 0.17.0 allows /probe?target= SSRF. NOTE: follow-on discussion suggests that this might plausibly be interpreted as both intended functionality and also a vulnerability
|
|||||
| CVE-2020-16171 | 1 Acronis | 1 Cyber Backup | 2024-11-21 | 6.4 MEDIUM | 6.5 MEDIUM |
|
An issue was discovered in Acronis Cyber Backup before 12.5 Build 16342. Some API endpoints on port 9877 under /api/ams/ accept an additional custom Shard header. The value of this header is afterwards used in a separate web request issued by the application itself. This can be abused to conduct SSRF attacks against otherwise unreachable Acronis services that are bound to localhost such as the NotificationService on 127.0.0.1:30572.
|
|||||
| CVE-2020-15879 | 1 Bitwarden | 1 Server | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
Bitwarden Server 1.35.1 allows SSRF because it does not consider certain IPv6 addresses (ones beginning with fc, fd, fe, or ff, and the :: address) and certain IPv4 addresses (0.0.0.0/8, 127.0.0.0/8, and 169.254.0.0/16).
|
|||||
| CVE-2020-15823 | 1 Jetbrains | 1 Youtrack | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
JetBrains YouTrack before 2020.2.8873 is vulnerable to SSRF in the Workflow component.
|
|||||
| CVE-2020-15822 | 1 Jetbrains | 1 Youtrack | 2024-11-21 | 7.5 HIGH | 7.3 HIGH |
|
In JetBrains YouTrack before 2020.2.10514, SSRF is possible because URL filtering can be escaped.
|
|||||
| CVE-2020-15819 | 1 Jetbrains | 1 Youtrack | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
|
JetBrains YouTrack before 2020.2.10643 was vulnerable to SSRF that allowed scanning internal ports.
|
|||||
| CVE-2020-15809 | 1 Spinetix | 11 Diva, Diva Firmware, Dsos and 8 more | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
|
spxmanage on certain SpinetiX devices allows requests that access unintended resources because of SSRF and Path Traversal. This affects HMP350, HMP300, and DiVA through 4.5.2-1.0.36229; HMP400 and HMP400W through 4.5.2-1.0.2-1eb2ffbd; and DSOS through 4.5.2-1.0.2-1eb2ffbd.
|
|||||
| CVE-2020-15772 | 1 Gradle | 1 Enterprise | 2024-11-21 | 4.0 MEDIUM | 4.9 MEDIUM |
|
An issue was discovered in Gradle Enterprise 2018.5 - 2020.2.4. When configuring Gradle Enterprise to integrate with a SAML identity provider, an XML metadata file can be uploaded by an administrator. The server side processing of this file dereferences XML External Entities (XXE), allowing a remote attacker with administrative access to perform server side request forgery.
|
|||||
| CVE-2020-15377 | 1 Broadcom | 1 Sannav | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
Webtools in Brocade SANnav before version 2.1.1 allows unauthenticated users to make requests to arbitrary hosts due to a misconfiguration; this is commonly referred to as Server-Side Request Forgery (SSRF).
|
|||||
| CVE-2020-15297 | 1 Bitdefender | 1 Update Server | 2024-11-21 | 6.4 MEDIUM | 7.1 HIGH |
|
Insufficient validation in the Bitdefender Update Server and BEST Relay components of Bitdefender Endpoint Security Tools versions prior to 6.6.20.294 allows an unprivileged attacker to bypass the in-place mitigations and interact with hosts on the network. This issue affects: Bitdefender Update Server versions prior to 6.6.20.294.
|
|||||
| CVE-2020-15152 | 1 Ftp-srv Project | 1 Ftp-srv | 2024-11-21 | 5.0 MEDIUM | 9.1 CRITICAL |
|
ftp-srv is an npm package which is a modern and extensible FTP server designed to be simple yet configurable. In ftp-srv before versions 2.19.6, 3.1.2, and 4.3.4 are vulnerable to Server-Side Request Forgery. The PORT command allows arbitrary IPs which can be used to cause the server to make a connection elsewhere. A possible workaround is blocking the PORT through the configuration. This issue is fixed in version2 2.19.6, 3.1.2, and 4.3.4. More information can be found on the linked advisory.
|
|||||
| CVE-2020-15002 | 1 Open-xchange | 1 Open-xchange Appsuite | 2024-11-21 | 4.0 MEDIUM | 5.0 MEDIUM |
|
OX App Suite through 7.10.3 allows SSRF via the the /ajax/messaging/message message API.
|
|||||
| CVE-2020-14328 | 1 Redhat | 1 Ansible Tower | 2024-11-21 | 2.1 LOW | 3.3 LOW |
|
A flaw was found in Ansible Tower in versions before 3.7.2. A Server Side Request Forgery flaw can be abused by supplying a URL which could lead to the server processing it connecting to internal services or exposing additional internal services and more particularly retrieving full details in case of error. The highest threat from this vulnerability is to data confidentiality.
|
|||||
| CVE-2020-14327 | 1 Redhat | 1 Ansible Tower | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
|
A Server-side request forgery (SSRF) flaw was found in Ansible Tower in versions before 3.6.5 and before 3.7.2. Functionality on the Tower server is abused by supplying a URL that could lead to the server processing it. This flaw leads to the connection to internal services or the exposure of additional internal services by abusing the test feature of lookup credentials to forge HTTP/HTTPS requests from the server and retrieving the results of the response.
|
|||||
| CVE-2020-14296 | 1 Redhat | 1 Cloudforms Management Engine | 2024-11-21 | 5.5 MEDIUM | 7.1 HIGH |
|
Red Hat CloudForms 4.7 and 5 was vulnerable to Server-Side Request Forgery (SSRF) flaw. With the access to add Ansible Tower provider, an attacker could scan and attack systems from the internal network which are not normally accessible.
|
|||||
| CVE-2020-14170 | 1 Atlassian | 1 Bitbucket | 2024-11-21 | 4.0 MEDIUM | 4.3 MEDIUM |
|
Webhooks in Atlassian Bitbucket Server from version 5.4.0 before version 7.3.1 allow remote attackers to access the content of internal network resources via a Server-Side Request Forgery (SSRF) vulnerability.
|
|||||
| CVE-2020-14160 | 1 Thecodingmachine | 1 Gotenberg | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
An SSRF vulnerability in Gotenberg through 6.2.1 exists in the remote URL to PDF conversion, which results in a remote attacker being able to read local files or fetch intranet resources.
|
|||||
| CVE-2020-14056 | 1 Monstaftp | 1 Monsta Ftp | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
Monsta FTP 2.10.1 or below is prone to a server-side request forgery vulnerability due to insufficient restriction of the web fetch functionality. This allows attackers to read arbitrary local files and interact with arbitrary third-party services.
|
|||||
| CVE-2020-14044 | 1 Codiad | 1 Codiad | 2024-11-21 | 6.5 MEDIUM | 7.2 HIGH |
|
** PRODUCT NOT SUPPORTED WHEN ASSIGNED ** A Server-Side Request Forgery (SSRF) vulnerability was found in Codiad v1.7.8 and later. A user with admin privileges could use the plugin install feature to make the server request any URL via components/market/class.market.php. This could potentially result in remote code execution. NOTE: the vendor states "Codiad is no longer under active maintenance by core contributors."
|
|||||
| CVE-2020-14023 | 1 Ozeki | 1 Ozeki Ng Sms Gateway | 2024-11-21 | 4.0 MEDIUM | 4.9 MEDIUM |
|
Ozeki NG SMS Gateway through 4.17.6 allows SSRF via SMS WCF or RSS To SMS.
|
|||||
| CVE-2020-13970 | 1 Shopware | 1 Shopware | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
|
Shopware before 6.2.3 is vulnerable to a Server-Side Request Forgery (SSRF) in its "Mediabrowser upload by URL" feature. This allows an authenticated user to send HTTP, HTTPS, FTP, and SFTP requests on behalf of the Shopware platform server.
|
|||||
| CVE-2020-13788 | 1 Linuxfoundation | 1 Harbor | 2024-11-21 | 4.0 MEDIUM | 4.3 MEDIUM |
|
Harbor prior to 2.0.1 allows SSRF with this limitation: an attacker with the ability to edit projects can scan ports of hosts accessible on the Harbor server's intranet.
|
|||||
| CVE-2020-13650 | 1 Digdash | 1 Digdash | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
An issue was discovered in DigDash 2018R2 before p20200210 and 2019R1 before p20200210. The login page is vulnerable to Server-Side Request Forgery (SSRF) that allows use of the application as a proxy. Sent to an external server, a forged request discloses application credentials. For a request to an internal component, the request is blind, but through the error message it's possible to determine whether the request targeted a open service.
|
|||||
| CVE-2020-13484 | 1 Bitrix24 | 1 Bitrix24 | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
Bitrix24 through 20.0.975 allows SSRF via an intranet IP address in the services/main/ajax.php?action=attachUrlPreview url parameter, if the destination URL hosts an HTML document containing '<meta name="og:image" content="' followed by an intranet URL.
|
|||||
| CVE-2020-13379 | 4 Fedoraproject, Grafana, Netapp and 1 more | 5 Fedora, Grafana, E-series Performance Analyzer and 2 more | 2024-11-21 | 6.4 MEDIUM | 8.2 HIGH |
|
The avatar feature in Grafana 3.0.1 through 7.0.1 has an SSRF Incorrect Access Control issue. This vulnerability allows any unauthenticated user/client to make Grafana send HTTP requests to any URL and return its result to the user/client. This can be used to gain information about the network that Grafana is running on. Furthermore, passing invalid URL objects could be used for DOS'ing Grafana via SegFault.
|
|||||