Total
975 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2018-8939 | 1 Ipswitch | 1 Whatsup Gold | 2024-02-04 | 7.5 HIGH | 9.8 CRITICAL |
An SSRF issue was discovered in NmAPI.exe in Ipswitch WhatsUp Gold before 2018 (18.0). Malicious actors can submit specially crafted requests via the NmAPI executable to (1) gain unauthorized access to the WhatsUp Gold system, (2) obtain information about the WhatsUp Gold system, or (3) execute remote commands. | |||||
CVE-2018-1000182 | 1 Jenkins | 1 Git | 2024-02-04 | 5.5 MEDIUM | 6.4 MEDIUM |
A server-side request forgery vulnerability exists in Jenkins Git Plugin 3.9.0 and older in AssemblaWeb.java, GitBlitRepositoryBrowser.java, Gitiles.java, TFS2013GitRepositoryBrowser.java, ViewGitWeb.java that allows attackers with Overall/Read access to cause Jenkins to send a GET request to a specified URL. | |||||
CVE-2018-9919 | 1 Tp-shop | 1 Tp-shop | 2024-02-04 | 7.5 HIGH | 9.8 CRITICAL |
A web-accessible backdoor, with resultant SSRF, exists in Tp-shop 2.0.5 through 2.0.8, which allows remote attackers to obtain sensitive information, attack intranet hosts, or possibly trigger remote command execution, because /vendor/phpdocumentor/reflection-docblock/tests/phpDocumentor/Reflection/DocBlock/Tag/LinkTagTeet.php writes data from the "down_url" URL into the "bddlj" local file if the attacker knows the backdoor "jmmy" parameter. | |||||
CVE-2018-1000067 | 2 Jenkins, Oracle | 2 Jenkins, Communications Cloud Native Core Automated Test Suite | 2024-02-04 | 5.0 MEDIUM | 5.3 MEDIUM |
An improper authorization vulnerability exists in Jenkins versions 2.106 and earlier, and LTS 2.89.3 and earlier, that allows an attacker to have Jenkins submit HTTP GET requests and get limited information about the response. | |||||
CVE-2018-11031 | 1 Gouguoyin | 1 Phprap | 2024-02-04 | 10.0 HIGH | 9.8 CRITICAL |
application/home/controller/debug.php in PHPRAP 1.0.4 through 1.0.8 has SSRF via the /debug URI, as demonstrated by an api[url]=file:////etc/passwd&api[method]=get POST request. | |||||
CVE-2018-1000185 | 1 Jenkins | 1 Github Branch Source | 2024-02-04 | 4.0 MEDIUM | 4.3 MEDIUM |
A server-side request forgery vulnerability exists in Jenkins GitHub Branch Source Plugin 2.3.4 and older in Endpoint.java that allows attackers with Overall/Read access to cause Jenkins to send a GET request to a specified URL. | |||||
CVE-2014-3990 | 1 Opencart | 1 Opencart | 2024-02-04 | 7.5 HIGH | 9.8 CRITICAL |
The Cart::getProducts method in system/library/cart.php in OpenCart 1.5.6.4 and earlier allows remote attackers to conduct server-side request forgery (SSRF) attacks or possibly conduct XML External Entity (XXE) attacks and execute arbitrary code via a crafted serialized PHP object, related to the quantity parameter in an update request. | |||||
CVE-2018-9302 | 1 Getcockpit | 1 Cockpit | 2024-02-04 | 6.4 MEDIUM | 9.1 CRITICAL |
SSRF (Server Side Request Forgery) in /assets/lib/fuc.js.php in Cockpit 0.4.4 through 0.5.5 allows remote attackers to read arbitrary files or send TCP traffic to intranet hosts via the url parameter. NOTE: this vulnerability exists because of an incomplete fix for CVE-2017-14611, which was about version 0.13.0, which (surprisingly) is an earlier version than 0.4.4. | |||||
CVE-2017-18096 | 1 Atlassian | 1 Application Links | 2024-02-04 | 4.0 MEDIUM | 7.2 HIGH |
The OAuth status rest resource in Atlassian Application Links before version 5.2.7, from 5.3.0 before 5.3.4 and from 5.4.0 before 5.4.3 allows remote attackers with administrative rights to access the content of internal network resources via a Server Side Request Forgery (SSRF) by creating an OAuth application link to a location they control and then redirecting access from the linked location's OAuth status rest resource to an internal location. When running in an environment like Amazon EC2, this flaw maybe used to access to a metadata resource that provides access credentials and other potentially confidential information. | |||||
CVE-2018-7055 | 1 Steelcase | 2 Roomwizard, Roomwizard Firmware | 2024-02-04 | 5.0 MEDIUM | 7.5 HIGH |
GroupViewProxyServlet in RoomWizard before 4.4.x allows SSRF via the url parameter. | |||||
CVE-2018-5752 | 1 Open-xchange | 1 Open-xchange Appsuite | 2024-02-04 | 6.5 MEDIUM | 8.8 HIGH |
The backend component in Open-Xchange OX App Suite before 7.6.3-rev36, 7.8.x before 7.8.2-rev39, 7.8.3 before 7.8.3-rev44, and 7.8.4 before 7.8.4-rev22 allows remote attackers to conduct server-side request forgery (SSRF) attacks via vectors involving non-decimal representations of IP addresses and special IPv6 related addresses. | |||||
CVE-2018-8801 | 1 Gitlab | 1 Gitlab | 2024-02-04 | 4.0 MEDIUM | 6.5 MEDIUM |
GitLab Community and Enterprise Editions version 8.3 up to 10.x before 10.3 are vulnerable to SSRF in the Services and webhooks component. | |||||
CVE-2018-1000124 | 1 I-librarian | 1 I\, Librarian | 2024-02-04 | 7.5 HIGH | 10.0 CRITICAL |
I Librarian I-librarian version 4.8 and earlier contains a XML External Entity (XXE) vulnerability in line 154 of importmetadata.php(simplexml_load_string) that can result in an attacker reading the contents of a file and SSRF. This attack appear to be exploitable via posting xml in the Parameter form_import_textarea. | |||||
CVE-2017-18036 | 1 Atlassian | 1 Bitbucket | 2024-02-04 | 4.0 MEDIUM | 4.3 MEDIUM |
The Github repository importer in Atlassian Bitbucket Server before version 5.3.0 allows remote attackers to determine if a service they could not otherwise reach has open ports via a Server Side Request Forgery (SSRF) vulnerability. | |||||
CVE-2018-9920 | 1 K2 | 1 Smartforms | 2024-02-04 | 6.4 MEDIUM | 6.5 MEDIUM |
Server side request forgery exists in the runtime application in K2 smartforms 4.6.11 via a modified hostname in an https://*/Identity/STS/Forms/Scripts URL. | |||||
CVE-2018-7516 | 1 Geutebrueck | 4 G-cam\/efd-2250, G-cam\/efd-2250 Firmware, Topfd-2125 and 1 more | 2024-02-04 | 7.5 HIGH | 7.3 HIGH |
A server-side request forgery vulnerability has been identified in Geutebruck G-Cam/EFD-2250 Version 1.12.0.4 and Topline TopFD-2125 Version 3.15.1 IP cameras, which could lead to proxied network scans. | |||||
CVE-2018-1000188 | 1 Jenkins | 1 Cas | 2024-02-04 | 5.5 MEDIUM | 5.4 MEDIUM |
A server-side request forgery vulnerability exists in Jenkins CAS Plugin 1.4.1 and older in CasSecurityRealm.java that allows attackers with Overall/Read access to cause Jenkins to send a GET request to a specified URL. | |||||
CVE-2017-14323 | 1 Onethink | 1 Onethink | 2024-02-04 | 7.5 HIGH | 9.8 CRITICAL |
SSRF (Server Side Request Forgery) in getRemoteImage.php in Ueditor in Onethink V1.0 and V1.1 allows remote attackers to obtain sensitive information, attack intranet hosts, or possibly trigger remote command execution via the upfile parameter. | |||||
CVE-2018-11586 | 1 Searchblox | 1 Searchblox | 2024-02-04 | 7.5 HIGH | 9.8 CRITICAL |
XML external entity (XXE) vulnerability in api/rest/status in SearchBlox 8.6.7 allows remote unauthenticated users to read arbitrary files or conduct server-side request forgery (SSRF) attacks via a crafted DTD in an XML request. | |||||
CVE-2018-12571 | 1 Microsoft | 1 Forefront Unified Access Gateway | 2024-02-04 | 7.5 HIGH | 9.8 CRITICAL |
uniquesig0/InternalSite/InitParams.aspx in Microsoft Forefront Unified Access Gateway 2010 allows remote attackers to trigger outbound DNS queries for arbitrary hosts via a comma-separated list of URLs in the orig_url parameter, possibly causing a traffic amplification and/or SSRF outcome. |