Total
2086 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-10174 | 1 Digitalguardian | 1 Management Console | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
|
Digital Guardian Management Console 7.1.2.0015 has an SSRF issue that allows remote attackers to read arbitrary files via file:// URLs, send TCP traffic to intranet hosts, or obtain an NTLM hash. This can occur even if the logged-in user has a read-only role.
|
|||||
| CVE-2018-1000606 | 1 Jenkins | 1 Urltrigger | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
|
A server-side request forgery vulnerability exists in Jenkins URLTrigger Plugin 0.41 and earlier in URLTrigger.java that allows attackers with Overall/Read access to cause Jenkins to send a GET request to a specified URL.
|
|||||
| CVE-2018-1000553 | 1 Trovebox | 1 Trovebox | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
|
Trovebox version <= 4.0.0-rc6 contains a Server-Side request forgery vulnerability in webhook component that can result in read or update internal resources. This attack appear to be exploitable via HTTP request. This vulnerability appears to have been fixed in after commit 742b8ed.
|
|||||
| CVE-2018-1000422 | 1 Atlassian | 1 Crowd2 | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
|
An improper authorization vulnerability exists in Jenkins Crowd 2 Integration Plugin 2.0.0 and earlier in CrowdSecurityRealm.java that allows attackers to have Jenkins perform a connection test, connecting to an attacker-specified server with attacker-specified credentials and connection settings.
|
|||||
| CVE-2018-1000421 | 1 Apache | 1 Mesos | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
|
An improper authorization vulnerability exists in Jenkins Mesos Plugin 0.17.1 and earlier in MesosCloud.java that allows attackers with Overall/Read access to initiate a test connection to an attacker-specified Mesos server with attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.
|
|||||
| CVE-2018-1000188 | 1 Jenkins | 1 Cas | 2024-11-21 | 5.5 MEDIUM | 5.4 MEDIUM |
|
A server-side request forgery vulnerability exists in Jenkins CAS Plugin 1.4.1 and older in CasSecurityRealm.java that allows attackers with Overall/Read access to cause Jenkins to send a GET request to a specified URL.
|
|||||
| CVE-2018-1000185 | 1 Jenkins | 1 Github Branch Source | 2024-11-21 | 4.0 MEDIUM | 4.3 MEDIUM |
|
A server-side request forgery vulnerability exists in Jenkins GitHub Branch Source Plugin 2.3.4 and older in Endpoint.java that allows attackers with Overall/Read access to cause Jenkins to send a GET request to a specified URL.
|
|||||
| CVE-2018-1000184 | 1 Jenkins | 1 Github | 2024-11-21 | 5.5 MEDIUM | 5.4 MEDIUM |
|
A server-side request forgery vulnerability exists in Jenkins GitHub Plugin 1.29.0 and older in GitHubPluginConfig.java that allows attackers with Overall/Read access to cause Jenkins to send a GET request to a specified URL.
|
|||||
| CVE-2018-1000182 | 1 Jenkins | 1 Git | 2024-11-21 | 5.5 MEDIUM | 6.4 MEDIUM |
|
A server-side request forgery vulnerability exists in Jenkins Git Plugin 3.9.0 and older in AssemblaWeb.java, GitBlitRepositoryBrowser.java, Gitiles.java, TFS2013GitRepositoryBrowser.java, ViewGitWeb.java that allows attackers with Overall/Read access to cause Jenkins to send a GET request to a specified URL.
|
|||||
| CVE-2018-1000067 | 2 Jenkins, Oracle | 2 Jenkins, Communications Cloud Native Core Automated Test Suite | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
|
An improper authorization vulnerability exists in Jenkins versions 2.106 and earlier, and LTS 2.89.3 and earlier, that allows an attacker to have Jenkins submit HTTP GET requests and get limited information about the response.
|
|||||
| CVE-2018-1000056 | 1 Jenkins | 1 Junit | 2024-11-21 | 6.5 MEDIUM | 8.3 HIGH |
|
Jenkins JUnit Plugin 1.23 and earlier processes XML external entities in files it parses as part of the build process, allowing attackers with user permissions in Jenkins to extract secrets from the Jenkins master, perform server-side request forgery, or denial-of-service attacks.
|
|||||
| CVE-2018-1000055 | 1 Jenkins | 1 Android Lint | 2024-11-21 | 6.5 MEDIUM | 8.3 HIGH |
|
Jenkins Android Lint Plugin 2.5 and earlier processes XML external entities in files it parses as part of the build process, allowing attackers with user permissions in Jenkins to extract secrets from the Jenkins master, perform server-side request forgery, or denial-of-service attacks.
|
|||||
| CVE-2018-1000054 | 1 Jenkins | 1 Ccm | 2024-11-21 | 6.5 MEDIUM | 8.3 HIGH |
|
Jenkins CCM Plugin 3.1 and earlier processes XML external entities in files it parses as part of the build process, allowing attackers with user permissions in Jenkins to extract secrets from the Jenkins master, perform server-side request forgery, or denial-of-service attacks.
|
|||||
| CVE-2018-0403 | 1 Cisco | 2 Unified Contact Center Express, Unified Ip Interactive Voice Response | 2024-11-21 | 5.0 MEDIUM | 9.8 CRITICAL |
|
Multiple vulnerabilities in the web-based management interface of Cisco Unified Contact Center Express (Unified CCX) could allow an unauthenticated, remote attacker to retrieve a cleartext password. Cisco Bug IDs: CSCvg71040.
|
|||||
| CVE-2018-0399 | 1 Cisco | 1 Finesse | 2024-11-21 | 5.0 MEDIUM | 9.8 CRITICAL |
|
Multiple vulnerabilities in the web-based management interface of Cisco Finesse could allow an unauthenticated, remote attacker to retrieve a cleartext password from an affected system. Cisco Bug IDs: CSCvg71044.
|
|||||
| CVE-2018-0398 | 1 Cisco | 1 Finesse | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
Multiple vulnerabilities in the web-based management interface of Cisco Finesse could allow an unauthenticated, remote attacker to conduct a server-side request forgery (SSRF) attack. Cisco Bug IDs: CSCvg71018.
|
|||||
| CVE-2017-6201 | 1 Sandstorm | 1 Sandstorm | 2024-11-21 | 5.5 MEDIUM | 8.1 HIGH |
|
A Server Side Request Forgery vulnerability exists in the install app process in Sandstorm before build 0.203. A remote attacker may exploit this issue by providing a URL. It could bypass access control such as firewalls that prevent the attackers from accessing the URLs directly.
|
|||||
| CVE-2017-3164 | 1 Apache | 1 Solr | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
Server Side Request Forgery in Apache Solr, versions 1.3 until 7.6 (inclusive). Since the "shards" parameter does not have a corresponding whitelist mechanism, a remote attacker with access to the server could make Solr perform an HTTP GET request to any reachable URL.
|
|||||
| CVE-2017-20157 | 1 Ariadne-cms | 1 Ariadne Component Library | 2024-11-21 | 5.2 MEDIUM | 5.5 MEDIUM |
|
A vulnerability was found in Ariadne Component Library up to 2.x. It has been classified as critical. Affected is an unknown function of the file src/url/Url.php. The manipulation leads to server-side request forgery. Upgrading to version 3.0 is able to address this issue. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-217140.
|
|||||
| CVE-2017-20106 | 1 Khoros | 1 Lithium Forum | 2024-11-21 | 3.6 LOW | 5.3 MEDIUM |
|
A vulnerability, which was classified as critical, has been found in Lithium Forum 2017 Q1. This issue affects some unknown processing of the component Compose Message Handler. The manipulation of the argument upload_url leads to server-side request forgery. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used.
|
|||||
| CVE-2017-18638 | 1 Graphite Project | 1 Graphite | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
send_email in graphite-web/webapp/graphite/composer/views.py in Graphite through 1.1.5 is vulnerable to SSRF. The vulnerable SSRF endpoint can be used by an attacker to have the Graphite web server request any resource. The response to this SSRF request is encoded into an image file and then sent to an e-mail address that can be supplied by the attacker. Thus, an attacker can exfiltrate any information.
|
|||||
| CVE-2017-18096 | 1 Atlassian | 1 Application Links | 2024-11-21 | 4.0 MEDIUM | 7.2 HIGH |
|
The OAuth status rest resource in Atlassian Application Links before version 5.2.7, from 5.3.0 before 5.3.4 and from 5.4.0 before 5.4.3 allows remote attackers with administrative rights to access the content of internal network resources via a Server Side Request Forgery (SSRF) by creating an OAuth application link to a location they control and then redirecting access from the linked location's OAuth status rest resource to an internal location. When running in an environment like Amazon EC2, ...
Show More |
|||||
| CVE-2017-18036 | 1 Atlassian | 1 Bitbucket | 2024-11-21 | 4.0 MEDIUM | 4.3 MEDIUM |
|
The Github repository importer in Atlassian Bitbucket Server before version 5.3.0 allows remote attackers to determine if a service they could not otherwise reach has open ports via a Server Side Request Forgery (SSRF) vulnerability.
|
|||||
| CVE-2017-17674 | 1 Bmc | 1 Remedy Mid-tier | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
BMC Remedy Mid Tier 9.1SP3 is affected by remote and local file inclusion. Due to the lack of restrictions on what can be targeted, the system can be vulnerable to attacks such as system fingerprinting, internal port scanning, Server Side Request Forgery (SSRF), or remote code execution (RCE).
|
|||||
| CVE-2017-16865 | 1 Atlassian | 1 Jira | 2024-11-21 | 3.5 LOW | 5.3 MEDIUM |
|
The Trello importer in Atlassian Jira before version 7.6.1 allows remote attackers to access the content of internal network resources via a Server Side Request Forgery (SSRF). When running in an environment like Amazon EC2, this flaw maybe used to access to a metadata resource that provides access credentials and other potentially confidential information.
|
|||||
| CVE-2017-16614 | 1 Tp-shop | 1 Tpshop | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
SSRF (Server Side Request Forgery) in tpshop 2.0.5 and 2.0.6 allows remote attackers to obtain sensitive information, attack intranet hosts, or possibly trigger remote command execution via the plugins/payment/weixin/lib/WxPay.tedatac.php fBill parameter.
|
|||||
| CVE-2017-15029 | 1 Open-xchange | 1 Open-xchange Appsuite | 2024-11-21 | 4.0 MEDIUM | 4.3 MEDIUM |
|
Open-Xchange GmbH OX App Suite 7.8.4 and earlier is affected by: SSRF.
|
|||||
| CVE-2017-14611 | 1 Agentejo | 1 Cockpit | 2024-11-21 | 6.4 MEDIUM | 9.1 CRITICAL |
|
SSRF (Server Side Request Forgery) in Cockpit 0.13.0 allows remote attackers to read arbitrary files or send TCP traffic to intranet hosts via the url parameter, related to use of the discontinued aheinze/fetch_url_contents component.
|
|||||
| CVE-2017-14323 | 1 Onethink | 1 Onethink | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
SSRF (Server Side Request Forgery) in getRemoteImage.php in Ueditor in Onethink V1.0 and V1.1 allows remote attackers to obtain sensitive information, attack intranet hosts, or possibly trigger remote command execution via the upfile parameter.
|
|||||
| CVE-2017-13667 | 1 Open-xchange | 1 Open-xchange Appsuite | 2024-11-21 | 6.5 MEDIUM | 9.9 CRITICAL |
|
OX Software GmbH OX App Suite 7.8.4 and earlier is affected by: SSRF.
|
|||||
| CVE-2017-1000419 | 1 Phpbb | 1 Phpbb | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
phpBB version 3.2.0 is vulnerable to SSRF in the Remote Avatar function resulting allowing an attacker to perform port scanning, requesting internal content and potentially attacking such internal services via the web application.
|
|||||
| CVE-2017-0929 | 1 Dnnsoftware | 1 Dotnetnuke | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
DNN (aka DotNetNuke) before 9.2.0 suffers from a Server-Side Request Forgery (SSRF) vulnerability in the DnnImageHandler class. Attackers may be able to access information about internal network resources.
|
|||||
| CVE-2016-10927 | 1 Neliosoftware | 1 Nelio Ab Testing | 2024-11-21 | 6.4 MEDIUM | 10.0 CRITICAL |
|
The nelio-ab-testing plugin before 4.5.11 for WordPress has SSRF in ajax/iesupport.php.
|
|||||
| CVE-2016-10926 | 1 Neliosoftware | 1 Nelio Ab Testing | 2024-11-21 | 6.4 MEDIUM | 10.0 CRITICAL |
|
The nelio-ab-testing plugin before 4.5.9 for WordPress has SSRF in ajax/iesupport.php.
|
|||||
| CVE-2014-8943 | 1 Piwigo | 1 Lexiglot | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
|
Lexiglot through 2014-11-20 allows SSRF via the admin.php?page=projects svn_url parameter.
|
|||||
| CVE-2014-3990 | 1 Opencart | 1 Opencart | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
The Cart::getProducts method in system/library/cart.php in OpenCart 1.5.6.4 and earlier allows remote attackers to conduct server-side request forgery (SSRF) attacks or possibly conduct XML External Entity (XXE) attacks and execute arbitrary code via a crafted serialized PHP object, related to the quantity parameter in an update request.
|
|||||
| CVE-2013-4864 | 1 Micasaverde | 2 Veralite, Veralite Firmware | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
MiCasaVerde VeraLite with firmware 1.5.408 allows remote attackers to send HTTP requests to intranet servers via the url parameter to cgi-bin/cmh/proxy.sh, related to a Server-Side Request Forgery (SSRF) issue.
|
|||||
| CVE-2007-6758 | 1 Sencha | 1 Ext Js | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
Server-side request forgery (SSRF) vulnerability in feed-proxy.php in extjs 5.0.0.
|
|||||
| CVE-2024-20531 | 1 Cisco | 1 Identity Services Engine | 2024-11-20 | N/A | 6.5 MEDIUM |
|
A vulnerability in the API of Cisco ISE could allow an authenticated, remote attacker to read arbitrary files on the underlying operating system of an affected device and conduct a server-side request forgery (SSRF) attack through an affected device. To exploit this vulnerability, the attacker would need valid Super Admin credentials.
This vulnerability is due to improper handling of XML External Entity (XXE) entries when parsing XML input. An attacker could exploit this vulnerability by send ...
Show More |
|||||
| CVE-2021-3742 | 1 Chatwoot | 1 Chatwoot | 2024-11-19 | N/A | 8.8 HIGH |
|
A Server-Side Request Forgery (SSRF) vulnerability was discovered in chatwoot/chatwoot, affecting all versions prior to 2.5.0. The vulnerability allows an attacker to upload an SVG file containing a malicious SSRF payload. When the SVG file is used as an avatar and opened in a new tab, it can trigger the SSRF, potentially leading to host redirection.
|
|||||