Total
1195 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2017-0929 | 1 Dnnsoftware | 1 Dotnetnuke | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
DNN (aka DotNetNuke) before 9.2.0 suffers from a Server-Side Request Forgery (SSRF) vulnerability in the DnnImageHandler class. Attackers may be able to access information about internal network resources. | |||||
CVE-2018-1000184 | 1 Jenkins | 1 Github | 2024-02-28 | 5.5 MEDIUM | 5.4 MEDIUM |
A server-side request forgery vulnerability exists in Jenkins GitHub Plugin 1.29.0 and older in GitHubPluginConfig.java that allows attackers with Overall/Read access to cause Jenkins to send a GET request to a specified URL. | |||||
CVE-2017-14323 | 1 Onethink | 1 Onethink | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
SSRF (Server Side Request Forgery) in getRemoteImage.php in Ueditor in Onethink V1.0 and V1.1 allows remote attackers to obtain sensitive information, attack intranet hosts, or possibly trigger remote command execution via the upfile parameter. | |||||
CVE-2018-6186 | 1 Citrix | 1 Netscaler | 2024-02-28 | 9.0 HIGH | 8.8 HIGH |
Citrix NetScaler VPX through NS12.0 53.13.nc allows an SSRF attack via the /rapi/read_url URI by an authenticated attacker who has a webapp account. The attacker can gain access to the nsroot account, and execute remote commands with root privileges. | |||||
CVE-2018-9919 | 1 Tp-shop | 1 Tp-shop | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
A web-accessible backdoor, with resultant SSRF, exists in Tp-shop 2.0.5 through 2.0.8, which allows remote attackers to obtain sensitive information, attack intranet hosts, or possibly trigger remote command execution, because /vendor/phpdocumentor/reflection-docblock/tests/phpDocumentor/Reflection/DocBlock/Tag/LinkTagTeet.php writes data from the "down_url" URL into the "bddlj" local file if the attacker knows the backdoor "jmmy" parameter. | |||||
CVE-2017-6201 | 1 Sandstorm | 1 Sandstorm | 2024-02-28 | 5.5 MEDIUM | 8.1 HIGH |
A Server Side Request Forgery vulnerability exists in the install app process in Sandstorm before build 0.203. A remote attacker may exploit this issue by providing a URL. It could bypass access control such as firewalls that prevent the attackers from accessing the URLs directly. | |||||
CVE-2018-8801 | 1 Gitlab | 1 Gitlab | 2024-02-28 | 4.0 MEDIUM | 6.5 MEDIUM |
GitLab Community and Enterprise Editions version 8.3 up to 10.x before 10.3 are vulnerable to SSRF in the Services and webhooks component. | |||||
CVE-2018-1000067 | 2 Jenkins, Oracle | 2 Jenkins, Communications Cloud Native Core Automated Test Suite | 2024-02-28 | 5.0 MEDIUM | 5.3 MEDIUM |
An improper authorization vulnerability exists in Jenkins versions 2.106 and earlier, and LTS 2.89.3 and earlier, that allows an attacker to have Jenkins submit HTTP GET requests and get limited information about the response. | |||||
CVE-2018-1000185 | 1 Jenkins | 1 Github Branch Source | 2024-02-28 | 4.0 MEDIUM | 4.3 MEDIUM |
A server-side request forgery vulnerability exists in Jenkins GitHub Branch Source Plugin 2.3.4 and older in Endpoint.java that allows attackers with Overall/Read access to cause Jenkins to send a GET request to a specified URL. | |||||
CVE-2018-2370 | 1 Sap | 1 Bi Launchpad | 2024-02-28 | 5.0 MEDIUM | 5.3 MEDIUM |
Server Side Request Forgery (SSRF) vulnerability in SAP Central Management Console, BI Launchpad and Fiori BI Launchpad, 4.10, from 4.20, from 4.30, could allow a malicious user to use common techniques to determine which ports are in use on the backend server. | |||||
CVE-2017-18036 | 1 Atlassian | 1 Bitbucket | 2024-02-28 | 4.0 MEDIUM | 4.3 MEDIUM |
The Github repository importer in Atlassian Bitbucket Server before version 5.3.0 allows remote attackers to determine if a service they could not otherwise reach has open ports via a Server Side Request Forgery (SSRF) vulnerability. | |||||
CVE-2018-12571 | 1 Microsoft | 1 Forefront Unified Access Gateway | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
uniquesig0/InternalSite/InitParams.aspx in Microsoft Forefront Unified Access Gateway 2010 allows remote attackers to trigger outbound DNS queries for arbitrary hosts via a comma-separated list of URLs in the orig_url parameter, possibly causing a traffic amplification and/or SSRF outcome. | |||||
CVE-2018-1000055 | 1 Jenkins | 1 Android Lint | 2024-02-28 | 6.5 MEDIUM | 8.3 HIGH |
Jenkins Android Lint Plugin 2.5 and earlier processes XML external entities in files it parses as part of the build process, allowing attackers with user permissions in Jenkins to extract secrets from the Jenkins master, perform server-side request forgery, or denial-of-service attacks. | |||||
CVE-2018-9920 | 1 K2 | 1 Smartforms | 2024-02-28 | 6.4 MEDIUM | 6.5 MEDIUM |
Server side request forgery exists in the runtime application in K2 smartforms 4.6.11 via a modified hostname in an https://*/Identity/STS/Forms/Scripts URL. | |||||
CVE-2018-1000138 | 1 I-librarian | 1 I Librarian | 2024-02-28 | 6.4 MEDIUM | 9.1 CRITICAL |
I, Librarian version 4.8 and earlier contains a SSRF vulnerability in "url" parameter of getFromWeb in functions.php that can result in the attacker abusing functionality on the server to read or update internal resources. | |||||
CVE-2018-10174 | 1 Digitalguardian | 1 Management Console | 2024-02-28 | 4.0 MEDIUM | 6.5 MEDIUM |
Digital Guardian Management Console 7.1.2.0015 has an SSRF issue that allows remote attackers to read arbitrary files via file:// URLs, send TCP traffic to intranet hosts, or obtain an NTLM hash. This can occur even if the logged-in user has a read-only role. | |||||
CVE-2018-11031 | 1 Gouguoyin | 1 Phprap | 2024-02-28 | 10.0 HIGH | 9.8 CRITICAL |
application/home/controller/debug.php in PHPRAP 1.0.4 through 1.0.8 has SSRF via the /debug URI, as demonstrated by an api[url]=file:////etc/passwd&api[method]=get POST request. | |||||
CVE-2018-7516 | 1 Geutebrueck | 4 G-cam\/efd-2250, G-cam\/efd-2250 Firmware, Topfd-2125 and 1 more | 2024-02-28 | 7.5 HIGH | 7.3 HIGH |
A server-side request forgery vulnerability has been identified in Geutebruck G-Cam/EFD-2250 Version 1.12.0.4 and Topline TopFD-2125 Version 3.15.1 IP cameras, which could lead to proxied network scans. | |||||
CVE-2017-16678 | 1 Sap | 4 Epbc, Epbc2, Kmc-bc and 1 more | 2024-02-28 | 6.5 MEDIUM | 4.7 MEDIUM |
Server Side Request Forgery (SSRF) vulnerability in SAP NetWeaver Knowledge Management Configuration Service, EPBC and EPBC2 from 7.00 to 7.02; KMC-BC 7.30, 7.31, 7.40 and 7.50, that allows an attacker to manipulate the vulnerable application to send crafted requests on behalf of the application. | |||||
CVE-2017-1000237 | 1 I-librarian | 1 I Librarian | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
I, Librarian version <=4.6 & 4.7 is vulnerable to Server-Side Request Forgery in the ajaxsupplement.php resulting in the attacker being able to reset any user's password. |