Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
server-side request forgery vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-29021
Judge0 is an open-source online code execution system. The default configuration of Judge0 leaves the service vulnerable to a sandbox escape via Server Side Request Forgery (SSRF). This allows an attacker with sufficient access to the Judge0 API to obtain unsandboxed code executi...
8.6
CVSSv3
CVE-2018-15517
The MailConnect feature on D-Link Central WiFiManager CWM-100 1.03 r0098 devices is intended to check a connection to an SMTP server but actually allows outbound TCP to any port on any IP address, leading to SSRF, as demonstrated by an index.php/System/MailConnect/host/127.0.0.1/...
Dlink Central Wifimanager 1.03
6.5
CVSSv3
CVE-2018-10174
Digital Guardian Management Console 7.1.2.0015 has an SSRF issue that allows remote malicious users to read arbitrary files via file:// URLs, send TCP traffic to intranet hosts, or obtain an NTLM hash. This can occur even if the logged-in user has a read-only role.
Digitalguardian Management Console 7.1.2.0015
NA
CVE-2015-6388
Cisco Unified Computing System (UCS) Central software 1.3(0.1) allows remote malicious users to conduct server-side request forgery (SSRF) attacks via a crafted request, aka Bug ID CSCux33575.
Cisco Unified Computing System Central Software 1.3\\(0.1\\)
6.1
CVSSv3
CVE-2021-31252
An open redirect vulnerability exists in BF-630, BF-450M, BF-430, BF-431, BF631-W, BF830-W, Webpass, and SEMAC devices from CHIYU Technology that can be exploited by sending a link that has a specially crafted URL to convince the user to click on it.
Chiyu-tech Bf-430 Firmware -
Chiyu-tech Bf-431 Firmware -
Chiyu-tech Bf-450m Firmware -
Chiyu-tech Semac S2 Firmware -
Chiyu-tech Semac D1 Firmware -
Chiyu-tech Semac D2 Firmware -
Chiyu-tech Semac D4 Firmware -
Chiyu-tech Semac S3v3 Firmware -
Chiyu-tech Semac D2 N300 Firmware -
Chiyu-tech Semac S1 Osdp Firmware -
Chiyu-tech Bf-630 Firmware -
Chiyu-tech Bf-631w Firmware -
Chiyu-tech Bf-830w Firmware -
Chiyu-tech Webpass Firmware -
7.5
CVSSv3
CVE-2019-12633
A vulnerability in Cisco Unified Contact Center Express (Unified CCX) could allow an unauthenticated, remote malicious user to bypass access controls and conduct a server-side request forgery (SSRF) attack on a targeted system. The vulnerability is due to improper validation of u...
Cisco Unified Contact Center Express
Cisco Unified Contact Center Express 12.0\\(1\\)
NA
CVE-2020-161712
Acronis Cyber Backup version 12.5 Build 16341 suffers from a server-side request forgery vulnerability.
NA
CVE-2020-161712020
Acronis Cyber Backup version 12.5 Build 16341 suffers from a server-side request forgery vulnerability.
5.3
CVSSv3
CVE-2019-15021
A security vulnerability exists in the Zingbox Inspector versions 1.294 and previous versions, that can allow an malicious user to easily identify instances of Zingbox Inspectors in a local area network.
Zingbox Inspector
8.8
CVSSv3
CVE-2021-1272
A vulnerability in the session validation feature of Cisco Data Center Network Manager (DCNM) could allow an unauthenticated, remote malicious user to bypass access controls and conduct a server-side request forgery (SSRF) attack on a targeted system. This vulnerability is due to...
Cisco Data Center Network Manager
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-30310
CVE-2024-21683
CVE-2024-22187
chrome
deserialization
XPath injection
CVE-2024-27842
denial of service
CVE-2024-24851
google
CVE-2024-35400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »