Total: 642 CVEs
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2020-24141 | 1 Wp-downloadmanager Project | 1 Wp-downloadmanager | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
Server-side request forgery in the WP-DownloadManager plugin 1.68.4 for WordPress lets an attacker send crafted requests from the back-end server of a vulnerable web application via the file_remote parameter to download-add.php. It can help identify open ports and local network hosts and execute commands on services. | |||||
CVE-2020-21788 | 1 Crmeb | 1 Crmeb | 2024-11-21 | 4.0 MEDIUM | 4.3 MEDIUM |
In CRMEB 3.1.0+, insufficiently strict domain name filtering leads to SSRF (Server-Side Request Forgery). The vulnerable code is in file /crmeb/app/admin/controller/store/CopyTaobao.php. | |||||
CVE-2020-21122 | 1 Ureport Project | 1 Ureport | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
UReport v2.2.9 contains a Server-Side Request Forgery (SSRF) in the designer page which allows attackers to detect intranet device ports. | |||||
CVE-2020-17513 | 1 Apache | 1 Airflow | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
In Apache Airflow versions prior to 1.10.13, the Charts and Query View of the old (Flask-admin based) UI were vulnerable to SSRF attacks. | |||||
CVE-2020-17386 | 1 Cellopoint | 1 Cellos | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
Cellopoint Cellos v4.1.10 Build 20190922 does not properly validate URL input. With the cookie of an authenticated user, attackers can tamper with the URL parameter and access arbitrary files on the system. | |||||
CVE-2020-16248 | 1 Prometheus | 1 Blackbox Exporter | 2024-11-21 | 5.0 MEDIUM | 5.8 MEDIUM |
** DISPUTED ** Prometheus Blackbox Exporter through 0.17.0 allows /probe?target= SSRF. NOTE: follow-on discussion suggests that this might plausibly be interpreted as both intended functionality and also a vulnerability. | |||||
CVE-2020-16171 | 1 Acronis | 1 Cyber Backup | 2024-11-21 | 6.4 MEDIUM | 6.5 MEDIUM |
An issue was discovered in Acronis Cyber Backup before 12.5 Build 16342. Some API endpoints on port 9877 under /api/ams/ accept an additional custom Shard header. The value of this header is afterwards used in a separate web request issued by the application itself. This can be abused to conduct SSRF attacks against otherwise unreachable Acronis services that are bound to localhost such as the NotificationService on 127.0.0.1:30572. | |||||
CVE-2020-15819 | 1 Jetbrains | 1 Youtrack | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
JetBrains YouTrack before 2020.2.10643 was vulnerable to SSRF that allowed scanning internal ports. | |||||
CVE-2020-15809 | 1 Spinetix | 11 Diva, Diva Firmware, Dsos and 8 more | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
spxmanage on certain SpinetiX devices allows requests that access unintended resources because of SSRF and Path Traversal. This affects HMP350, HMP300, and DiVA through 4.5.2-1.0.36229; HMP400 and HMP400W through 4.5.2-1.0.2-1eb2ffbd; and DSOS through 4.5.2-1.0.2-1eb2ffbd. | |||||
CVE-2020-15772 | 1 Gradle | 1 Enterprise | 2024-11-21 | 4.0 MEDIUM | 4.9 MEDIUM |
An issue was discovered in Gradle Enterprise 2018.5 - 2020.2.4. When configuring Gradle Enterprise to integrate with a SAML identity provider, an XML metadata file can be uploaded by an administrator. The server side processing of this file dereferences XML External Entities (XXE), allowing a remote attacker with administrative access to perform server side request forgery. | |||||
CVE-2020-15002 | 1 Open-xchange | 1 Open-xchange Appsuite | 2024-11-21 | 4.0 MEDIUM | 5.0 MEDIUM |
OX App Suite through 7.10.3 allows SSRF via the /ajax/messaging/message message API. | |||||
CVE-2020-14327 | 1 Redhat | 1 Ansible Tower | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
A Server-side request forgery (SSRF) flaw was found in Ansible Tower in versions before 3.6.5 and before 3.7.2. Functionality on the Tower server is abused by supplying a URL that could lead to the server processing it. This flaw leads to connections to internal services or the exposure of additional internal services by abusing the test feature of lookup credentials to forge HTTP/HTTPS requests from the server and retrieve the results of the response. | |||||
CVE-2020-14170 | 1 Atlassian | 1 Bitbucket | 2024-11-21 | 4.0 MEDIUM | 4.3 MEDIUM |
Webhooks in Atlassian Bitbucket Server from version 5.4.0 before version 7.3.1 allow remote attackers to access the content of internal network resources via a Server-Side Request Forgery (SSRF) vulnerability. | |||||
CVE-2020-14023 | 1 Ozeki | 1 Ozeki Ng Sms Gateway | 2024-11-21 | 4.0 MEDIUM | 4.9 MEDIUM |
Ozeki NG SMS Gateway through 4.17.6 allows SSRF via SMS WCF or RSS To SMS. | |||||
CVE-2020-13788 | 1 Linuxfoundation | 1 Harbor | 2024-11-21 | 4.0 MEDIUM | 4.3 MEDIUM |
Harbor prior to 2.0.1 allows SSRF with this limitation: an attacker with the ability to edit projects can scan ports of hosts accessible on the Harbor server's intranet. | |||||
CVE-2020-13309 | 1 Gitlab | 1 Gitlab | 2024-11-21 | 6.5 MEDIUM | 5.4 MEDIUM |
A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. GitLab was vulnerable to a blind SSRF attack through the repository mirroring feature. | |||||
CVE-2020-13295 | 1 Gitlab | 1 Runner | 2024-11-21 | 6.5 MEDIUM | 5.4 MEDIUM |
For GitLab Runner before 13.0.12, 13.1.6, 13.2.3, by replacing dockerd with a malicious server, the Shared Runner is susceptible to SSRF. | |||||
CVE-2020-13286 | 1 Gitlab | 1 Gitlab | 2024-11-21 | 4.0 MEDIUM | 6.4 MEDIUM |
For GitLab before 13.0.12, 13.1.6, 13.2.3 user controlled git configuration settings can be modified to result in Server Side Request Forgery. | |||||
CVE-2020-12644 | 1 Open-xchange | 1 Open-xchange Appsuite | 2024-11-21 | 4.0 MEDIUM | 5.0 MEDIUM |
OX App Suite 7.10.3 and earlier allows SSRF, related to the mail account API and the /folder/list API. | |||||
CVE-2020-12529 | 1 Mbconnectline | 2 Mbconnect24, Mymbconnect24 | 2024-11-21 | 5.0 MEDIUM | 5.8 MEDIUM |
An issue was discovered in MB connect line mymbCONNECT24 and mbCONNECT24 software in all versions through V2.6.2. There is an SSRF in the LDAP access check, allowing an attacker to scan for open ports. | |||||