Total: 1167 CVE

| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 | Description |
|---|---|---|---|---|---|---|
| CVE-2019-8982 | 1 Wavemaker | 1 Wavemarker Studio | 2019-02-21 | 6.8 MEDIUM | 9.6 CRITICAL | com/wavemaker/studio/StudioService.java in WaveMaker Studio 6.6 mishandles the studioService.download?method=getContent&inUrl= value, leading to disclosure of local files and SSRF. |
| CVE-2018-18843 | 1 Gitlab | 1 Gitlab | 2019-02-05 | 7.5 HIGH | 10.0 CRITICAL | The Kubernetes integration in GitLab Enterprise Edition 11.x before 11.2.8, 11.3.x before 11.3.9, and 11.4.x before 11.4.4 has SSRF. |
| CVE-2019-5725 | 1 Qibosoft | 1 Qibosoft | 2019-02-04 | 5.0 MEDIUM | 7.5 HIGH | qibosoft through V7 allows remote attackers to read arbitrary files via the member/index.php main parameter, as demonstrated by SSRF to a URL on the same web site to read a .sql file. |
| CVE-2018-12609 | 1 Open-xchange | 1 Open-xchange Appsuite | 2019-01-31 | 4.0 MEDIUM | 6.5 MEDIUM | OX App Suite 7.8.4 and earlier allows Server-Side Request Forgery. |
| CVE-2018-1000422 | 1 Atlassian | 1 Crowd2 | 2019-01-30 | 4.0 MEDIUM | 6.5 MEDIUM | An improper authorization vulnerability exists in Jenkins Crowd 2 Integration Plugin 2.0.0 and earlier in CrowdSecurityRealm.java that allows attackers to have Jenkins perform a connection test, connecting to an attacker-specified server with attacker-specified credentials and connection settings. |
| CVE-2018-20596 | 1 Jspxcms | 1 Jspxcms | 2019-01-28 | 7.5 HIGH | 9.8 CRITICAL | Jspxcms v9.0.0 allows SSRF. |
| CVE-2018-18753 | 1 Typecho | 1 Typecho | 2019-01-28 | 10.0 HIGH | 9.8 CRITICAL | Typecho V1.1 allows remote attackers to send shell commands via base64-encoded serialized data, as demonstrated by SSRF. |
| CVE-2018-20228 | 1 Subsonic | 1 Subsonic | 2019-01-24 | 6.0 MEDIUM | 8.0 HIGH | Subsonic V6.1.5 allows internetRadioSettings.view streamUrl CSRF, with resultant SSRF. |
| CVE-2018-18646 | 1 Gitlab | 1 Gitlab | 2018-12-27 | 6.5 MEDIUM | 8.8 HIGH | An issue was discovered in GitLab Community and Enterprise Edition before 11.2.7, 11.3.x before 11.3.8, and 11.4.x before 11.4.3. It allows SSRF. |
| CVE-2018-18867 | 1 Tecrail | 1 Responsive Filemanager | 2018-12-07 | 5.0 MEDIUM | 8.6 HIGH | An SSRF issue was discovered in tecrail Responsive FileManager 9.13.4 via the upload.php url parameter. NOTE: this issue exists because of an incomplete fix for CVE-2018-15495. |
| CVE-2018-2463 | 1 Sap | 1 Hybris | 2018-11-29 | 5.0 MEDIUM | 8.6 HIGH | The Omni Commerce Connect API (OCC) of SAP Hybris Commerce, versions 6.*, is vulnerable to server-side request forgery (SSRF) attacks. This is due to a misconfiguration of the XML parser that is used in the server-side implementation of OCC. |
| CVE-2018-16793 | 1 Microsoft | 1 Exchange Server | 2018-11-20 | 5.0 MEDIUM | 8.6 HIGH | Rollup 18 for Microsoft Exchange Server 2010 SP3 and previous versions has an SSRF vulnerability via the username parameter in /owa/auth/logon.aspx in the OWA (Outlook Web Access) login page. |
| CVE-2018-16794 | 1 Microsoft | 2 Active Directory Federation Services, Windows Server 2016 | 2018-11-20 | 5.0 MEDIUM | 8.6 HIGH | Microsoft ADFS 4.0 Windows Server 2016 and previous (Active Directory Federation Services) has an SSRF vulnerability via the txtBoxEmail parameter in /adfs/ls. |
| CVE-2018-15895 | 1 Icmsdev | 1 Icms | 2018-11-07 | 5.0 MEDIUM | 7.5 HIGH | An SSRF vulnerability was discovered in idreamsoft iCMS 7.0.11 because the remote function in app/spider/spider_tools.class.php does not block DNS hostnames associated with private and reserved IP addresses, as demonstrated by 127.0.0.1 in an A record. NOTE: this vulnerability exists because of an incomplete fix for CVE-2018-14858. |
| CVE-2018-16409 | 1 Gogs | 1 Gogs | 2018-11-06 | 5.0 MEDIUM | 8.6 HIGH | In Gogs 0.11.53, an attacker can use migrate to send arbitrary HTTP GET requests, leading to SSRF. |
| CVE-2017-4928 | 1 Vmware | 1 Vcenter Server | 2018-10-30 | 5.0 MEDIUM | 7.5 HIGH | The flash-based vSphere Web Client (6.0 prior to 6.0 U3c and 5.5 prior to 5.5 U3f), i.e. not the new HTML5-based vSphere Client, contains SSRF and CRLF injection issues due to improper neutralization of URLs. An attacker may exploit these issues by sending a POST request with modified headers towards internal services, leading to information disclosure. |
| CVE-2018-16444 | 1 Seacms | 1 Seacms | 2018-10-25 | 6.4 MEDIUM | 9.1 CRITICAL | An issue was discovered in SeaCMS 6.61. adm1n/admin_reslib.php has SSRF via the url parameter. |
| CVE-2016-4046 | 1 Open-xchange | 1 Open-xchange Appsuite | 2018-10-19 | 5.0 MEDIUM | 5.8 MEDIUM | An issue was discovered in Open-Xchange OX App Suite before 7.8.1-rev11. The API to configure external mail accounts can be abused to map and access network components within the trust boundary of the operator. Users can inject arbitrary hosts and ports into API calls. Depending on the response type, content and latency, information about the existence of hosts and services can be gathered. Attackers can get internal configuration information about the infrastructure of an operator to prepare subsequent attacks. |
| CVE-2018-15192 | 2 Gitea, Gogs | 2 Gitea, Gogs | 2018-10-18 | 5.0 MEDIUM | 8.6 HIGH | An SSRF vulnerability in webhooks in Gitea through 1.5.0-rc2 and Gogs through 0.11.53 allows remote attackers to access intranet services. |
| CVE-2018-1999039 | 1 Jenkins | 1 Confluence Publisher | 2018-10-15 | 4.0 MEDIUM | 4.3 MEDIUM | A server-side request forgery vulnerability exists in Jenkins Confluence Publisher Plugin 2.0.1 and earlier in ConfluenceSite.java that allows attackers to have Jenkins submit login requests to an attacker-specified Confluence server URL with attacker-specified credentials. |