Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ssrf vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2019-14227
OX App Suite 7.10.1 and 7.10.2 allows XSS.
Open-xchange Open-xchange Appsuite 7.10.2
Open-xchange Open-xchange Appsuite 7.10.1
7.5
CVSSv3
CVE-2023-50968
Arbitrary file properties reading vulnerability in Apache Software Foundation Apache OFBiz when user operates an uri call without authorizations. The same uri can be operated to realize a SSRF attack also without authorizations. Users are recommended to upgrade to version 18.12.1...
Apache Ofbiz
9.1
CVSSv3
CVE-2017-1000190
SimpleXML (latest version 2.7.1) is vulnerable to an XXE vulnerability resulting SSRF, information disclosure, DoS and so on.
Simplexml Project Simplexml 2.7.1
1 Github repository
7.5
CVSSv3
CVE-2017-3164
Server Side Request Forgery in Apache Solr, versions 1.3 until 7.6 (inclusive). Since the "shards" parameter does not have a corresponding whitelist mechanism, a remote attacker with access to the server could make Solr perform an HTTP GET request to any reachable URL.
Apache Solr
1 Github repository
6.5
CVSSv3
CVE-2017-3546
Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: MultiChannel Framework). Supported versions that are affected are 8.54 and 8.55. Easily "exploitable" vulnerability allows unauthenticated attacker with network...
Oracle Peoplesoft Enterprise Peopletools 8.55
Oracle Peoplesoft Enterprise Peopletools 8.54
1 EDB exploit
NA
CVE-2024-34365
** UNSUPPORTED WHEN ASSIGNED ** Improper Input Validation vulnerability in Apache Karaf Cave.This issue affects all versions of Apache Karaf Cave. As this project is retired, we do not plan to release a version that fixes this issue. Users are recommended to find an alternative o...
8.8
CVSSv3
CVE-2015-8379
CakePHP 2.x and 3.x prior to 3.1.5 might allow remote malicious users to bypass the CSRF protection mechanism via the _method parameter.
Cakephp Cakephp 3.1.1
Cakephp Cakephp 3.1.0
Cakephp Cakephp 3.0.11
Cakephp Cakephp 3.0.10
Cakephp Cakephp 3.0.3
Cakephp Cakephp 3.0.2
Cakephp Cakephp 3.0.0
Cakephp Cakephp 2.7.7
Cakephp Cakephp 2.7.6
Cakephp Cakephp 2.7.0
Cakephp Cakephp 2.6.12
Cakephp Cakephp 2.6.5
Cakephp Cakephp 2.6.4
Cakephp Cakephp 2.5.8
Cakephp Cakephp 2.5.7
Cakephp Cakephp 2.5.0
Cakephp Cakephp 2.4.6
Cakephp Cakephp 2.4.5
Cakephp Cakephp 2.4.4
Cakephp Cakephp 2.4.0
Cakephp Cakephp 2.3.10
Cakephp Cakephp 2.3.3
NA
CVE-2013-1651
OXUpdater in Open-Xchange Server prior to 6.20.7 rev14, 6.22.0 before rev13, and 6.22.1 before rev14 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle malicious users to spoof update servers and install arbitrary software via a crafted certificat...
Open-xchange Open-xchange Server 6.22.1
Open-xchange Open-xchange Server 6.22.0
Open-xchange Open-xchange Server 6.20.7
1 EDB exploit
NA
CVE-2013-1646
Multiple cross-site scripting (XSS) vulnerabilities in Open-Xchange Server prior to 6.20.7 rev14, 6.22.0 before rev13, and 6.22.1 before rev14 allow remote malicious users to inject arbitrary web script or HTML via (1) invalid JSON data in a mail-sending POST request, (2) an arbi...
Open-xchange Open-xchange Server 6.22.1
Open-xchange Open-xchange Server 6.20.7
Open-xchange Open-xchange Server 6.22.0
1 EDB exploit
NA
CVE-2013-1648
The Subscriptions feature in Open-Xchange Server prior to 6.20.7 rev14, 6.22.0 before rev13, and 6.22.1 before rev14 does not properly validate the publication-source URL, which allows remote authenticated users to trigger arbitrary outbound TCP traffic via a crafted Source field...
Open-xchange Open-xchange Server 6.22.1
Open-xchange Open-xchange Server 6.22.0
Open-xchange Open-xchange Server 6.20.7
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »