Total
1195 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-12678 | 1 Portainer | 1 Portainer | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
| Portainer before 1.18.0 supports unauthenticated requests to the websocket endpoint with an unvalidated id query parameter for the /websocket/exec endpoint, which allows remote attackers to bypass intended access restrictions or conduct SSRF attacks. | |||||
| CVE-2018-9302 | 1 Getcockpit | 1 Cockpit | 2024-02-28 | 6.4 MEDIUM | 9.1 CRITICAL |
| SSRF (Server Side Request Forgery) in /assets/lib/fuc.js.php in Cockpit 0.4.4 through 0.5.5 allows remote attackers to read arbitrary files or send TCP traffic to intranet hosts via the url parameter. NOTE: this vulnerability exists because of an incomplete fix for CVE-2017-14611, which was about version 0.13.0, which (surprisingly) is an earlier version than 0.4.4. | |||||
| CVE-2018-13790 | 1 Concretecms | 1 Concrete Cms | 2024-02-28 | 6.5 MEDIUM | 7.2 HIGH |
| A Server Side Request Forgery (SSRF) vulnerability in tools/files/importers/remote.php in concrete5 8.2.0 can lead to attacks on the local network and mapping of the internal network, because of URL functionality on the File Manager page. | |||||
| CVE-2018-1000056 | 1 Jenkins | 1 Junit | 2024-02-28 | 6.5 MEDIUM | 8.3 HIGH |
| Jenkins JUnit Plugin 1.23 and earlier processes XML external entities in files it parses as part of the build process, allowing attackers with user permissions in Jenkins to extract secrets from the Jenkins master, perform server-side request forgery, or denial-of-service attacks. | |||||
| CVE-2018-1000124 | 1 I-librarian | 1 I\, Librarian | 2024-02-28 | 7.5 HIGH | 10.0 CRITICAL |
| I Librarian I-librarian version 4.8 and earlier contains a XML External Entity (XXE) vulnerability in line 154 of importmetadata.php(simplexml_load_string) that can result in an attacker reading the contents of a file and SSRF. This attack appear to be exploitable via posting xml in the Parameter form_import_textarea. | |||||
| CVE-2018-1000054 | 1 Jenkins | 1 Ccm | 2024-02-28 | 6.5 MEDIUM | 8.3 HIGH |
| Jenkins CCM Plugin 3.1 and earlier processes XML external entities in files it parses as part of the build process, allowing attackers with user permissions in Jenkins to extract secrets from the Jenkins master, perform server-side request forgery, or denial-of-service attacks. | |||||
| CVE-2018-1000182 | 1 Jenkins | 1 Git | 2024-02-28 | 5.5 MEDIUM | 6.4 MEDIUM |
| A server-side request forgery vulnerability exists in Jenkins Git Plugin 3.9.0 and older in AssemblaWeb.java, GitBlitRepositoryBrowser.java, Gitiles.java, TFS2013GitRepositoryBrowser.java, ViewGitWeb.java that allows attackers with Overall/Read access to cause Jenkins to send a GET request to a specified URL. | |||||
| CVE-2018-1000188 | 1 Jenkins | 1 Cas | 2024-02-28 | 5.5 MEDIUM | 5.4 MEDIUM |
| A server-side request forgery vulnerability exists in Jenkins CAS Plugin 1.4.1 and older in CasSecurityRealm.java that allows attackers with Overall/Read access to cause Jenkins to send a GET request to a specified URL. | |||||
| CVE-2018-7055 | 1 Steelcase | 2 Roomwizard, Roomwizard Firmware | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
| GroupViewProxyServlet in RoomWizard before 4.4.x allows SSRF via the url parameter. | |||||
| CVE-2018-1000553 | 1 Trovebox | 1 Trovebox | 2024-02-28 | 6.5 MEDIUM | 8.8 HIGH |
| Trovebox version <= 4.0.0-rc6 contains a Server-Side request forgery vulnerability in webhook component that can result in read or update internal resources. This attack appear to be exploitable via HTTP request. This vulnerability appears to have been fixed in after commit 742b8ed. | |||||
| CVE-2017-18096 | 1 Atlassian | 1 Application Links | 2024-02-28 | 4.0 MEDIUM | 7.2 HIGH |
| The OAuth status rest resource in Atlassian Application Links before version 5.2.7, from 5.3.0 before 5.3.4 and from 5.4.0 before 5.4.3 allows remote attackers with administrative rights to access the content of internal network resources via a Server Side Request Forgery (SSRF) by creating an OAuth application link to a location they control and then redirecting access from the linked location's OAuth status rest resource to an internal location. When running in an environment like Amazon EC2, this flaw maybe used to access to a metadata resource that provides access credentials and other potentially confidential information. | |||||
| CVE-2018-6029 | 1 5none | 1 Nonecms | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
| The copy function in application/admin/controller/Article.php in NoneCms 1.3.0 allows remote attackers to access the content of internal and external network resources via Server Side Request Forgery (SSRF), because URL validation only considers whether the URL contains the "csdn" substring. | |||||
| CVE-2017-14611 | 1 Agentejo | 1 Cockpit | 2024-02-28 | 6.4 MEDIUM | 9.1 CRITICAL |
| SSRF (Server Side Request Forgery) in Cockpit 0.13.0 allows remote attackers to read arbitrary files or send TCP traffic to intranet hosts via the url parameter, related to use of the discontinued aheinze/fetch_url_contents component. | |||||
| CVE-2018-1000606 | 1 Jenkins | 1 Urltrigger | 2024-02-28 | 4.0 MEDIUM | 6.5 MEDIUM |
| A server-side request forgery vulnerability exists in Jenkins URLTrigger Plugin 0.41 and earlier in URLTrigger.java that allows attackers with Overall/Read access to cause Jenkins to send a GET request to a specified URL. | |||||
| CVE-2014-3990 | 1 Opencart | 1 Opencart | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
| The Cart::getProducts method in system/library/cart.php in OpenCart 1.5.6.4 and earlier allows remote attackers to conduct server-side request forgery (SSRF) attacks or possibly conduct XML External Entity (XXE) attacks and execute arbitrary code via a crafted serialized PHP object, related to the quantity parameter in an update request. | |||||
| CVE-2018-5752 | 1 Open-xchange | 1 Open-xchange Appsuite | 2024-02-28 | 6.5 MEDIUM | 8.8 HIGH |
| The backend component in Open-Xchange OX App Suite before 7.6.3-rev36, 7.8.x before 7.8.2-rev39, 7.8.3 before 7.8.3-rev44, and 7.8.4 before 7.8.4-rev22 allows remote attackers to conduct server-side request forgery (SSRF) attacks via vectors involving non-decimal representations of IP addresses and special IPv6 related addresses. | |||||
| CVE-2018-1042 | 1 Moodle | 1 Moodle | 2024-02-28 | 4.0 MEDIUM | 6.5 MEDIUM |
| Moodle 3.x has Server Side Request Forgery in the filepicker. | |||||
| CVE-2018-7667 | 1 Adminer | 1 Adminer | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
| Adminer through 4.3.1 has SSRF via the server parameter. | |||||
| CVE-2017-16614 | 1 Tp-shop | 1 Tpshop | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
| SSRF (Server Side Request Forgery) in tpshop 2.0.5 and 2.0.6 allows remote attackers to obtain sensitive information, attack intranet hosts, or possibly trigger remote command execution via the plugins/payment/weixin/lib/WxPay.tedatac.php fBill parameter. | |||||
| CVE-2018-11586 | 1 Searchblox | 1 Searchblox | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
| XML external entity (XXE) vulnerability in api/rest/status in SearchBlox 8.6.7 allows remote unauthenticated users to read arbitrary files or conduct server-side request forgery (SSRF) attacks via a crafted DTD in an XML request. | |||||