Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ssrf vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2015-7571
Unrestricted file upload vulnerability in Yeager CMS 1.2.1 allows remote malicious users to execute arbitrary code by uploading a file with an executable extension.
Yeager Yeager Cms 1.2.1
1 EDB exploit
NA
CVE-2015-7572
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2013-0237. Reason: This candidate is a duplicate of CVE-2013-0237. Notes: All CVE users should reference CVE-2013-0237 instead of this candidate. All references and descriptions in this candidate have been removed...
1 EDB exploit
6.5
CVSSv3
CVE-2017-17062
The backend component in Open-Xchange OX App Suite prior to 7.6.3-rev35, 7.8.x prior to 7.8.2-rev38, 7.8.3 prior to 7.8.3-rev41, and 7.8.4 prior to 7.8.4-rev19 allows remote authenticated users to save arbitrary user attributes by leveraging improper privilege management.
Open-xchange Open-xchange Appsuite 7.8.4
Open-xchange Open-xchange Appsuite 7.8.3
Open-xchange Open-xchange Appsuite 7.8.0
Open-xchange Open-xchange Appsuite 7.6.3
Open-xchange Open-xchange Appsuite
Open-xchange Open-xchange Appsuite 7.8.2
1 EDB exploit
5.3
CVSSv3
CVE-2020-17513
In Apache Airflow versions before 1.10.13, the Charts and Query View of the old (Flask-admin based) UI were vulnerable for SSRF attack.
Apache Airflow
6.5
CVSSv3
CVE-2018-5751
The backend component in Open-Xchange OX App Suite prior to 7.6.3-rev36, 7.8.x prior to 7.8.2-rev39, 7.8.3 prior to 7.8.3-rev44, and 7.8.4 prior to 7.8.4-rev22 allows remote authenticated users to obtain sensitive information about external guest users via vectors related to the ...
Open-xchange Open-xchange Appsuite 7.8.4
Open-xchange Open-xchange Appsuite 7.8.3
Open-xchange Open-xchange Appsuite 7.6.3
Open-xchange Open-xchange Appsuite
Open-xchange Open-xchange Appsuite 7.8.2
Open-xchange Open-xchange Appsuite 7.8.0
1 EDB exploit
5.4
CVSSv3
CVE-2018-5754
Cross-site scripting (XSS) vulnerability in the office-web component in Open-Xchange OX App Suite prior to 7.8.3-rev12 and 7.8.4 prior to 7.8.4-rev9 allows remote malicious users to inject arbitrary web script or HTML via a crafted presentation file, related to copying content to...
Open-xchange Open-xchange Appsuite 7.8.4
Open-xchange Open-xchange Appsuite 7.8.3
Open-xchange Open-xchange Appsuite
1 EDB exploit
9.8
CVSSv3
CVE-2020-12645
OX App Suite 7.10.1 to 7.10.3 has improper input validation for rate limits with a crafted User-Agent header, spoofed vacation notices, and /apps/load memory consumption.
Open-xchange Open-xchange Appsuite
8.8
CVSSv3
CVE-2018-5752
The backend component in Open-Xchange OX App Suite prior to 7.6.3-rev36, 7.8.x prior to 7.8.2-rev39, 7.8.3 prior to 7.8.3-rev44, and 7.8.4 prior to 7.8.4-rev22 allows remote malicious users to conduct server-side request forgery (SSRF) attacks via vectors involving non-decimal re...
Open-xchange Open-xchange Appsuite 7.8.4
Open-xchange Open-xchange Appsuite 7.8.3
Open-xchange Open-xchange Appsuite 7.8.2
Open-xchange Open-xchange Appsuite 7.8.0
Open-xchange Open-xchange Appsuite 7.6.3
Open-xchange Open-xchange Appsuite
1 EDB exploit
6.5
CVSSv3
CVE-2018-5753
The frontend component in Open-Xchange OX App Suite prior to 7.6.3-rev31, 7.8.x prior to 7.8.2-rev31, 7.8.3 prior to 7.8.3-rev41, and 7.8.4 prior to 7.8.4-rev20 allows remote malicious users to spoof the origin of e-mails via unicode characters in the "personal part" of...
Open-xchange Open-xchange Appsuite 7.8.4
Open-xchange Open-xchange Appsuite 7.8.3
Open-xchange Open-xchange Appsuite 7.6.3
Open-xchange Open-xchange Appsuite 7.8.0
Open-xchange Open-xchange Appsuite 7.8.2
Open-xchange Open-xchange Appsuite
1 EDB exploit
5.5
CVSSv3
CVE-2018-5755
Absolute path traversal vulnerability in the readerengine component in Open-Xchange OX App Suite prior to 7.6.3-rev3, 7.8.x prior to 7.8.2-rev4, 7.8.3 prior to 7.8.3-rev5, and 7.8.4 prior to 7.8.4-rev4 allows remote malicious users to read arbitrary files via a full pathname in a...
Open-xchange Open-xchange Appsuite 7.8.4
Open-xchange Open-xchange Appsuite 7.8.3
Open-xchange Open-xchange Appsuite 7.8.2
Open-xchange Open-xchange Appsuite 7.8.0
Open-xchange Open-xchange Appsuite
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
path traversal
CVE-2024-33545
CVE-2024-35725
CVE-2024-32704
overflow
file upload
CVE-2024-0230
CVE-2024-32705
CVE-2024-23692
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »