Vulmon
SSRF vulnerabilities and exploits
7.5
CVSSv2
CVE-2015-7567
SQL injection vulnerability in Yeager CMS 1.2.1 allows remote malicious users to execute arbitrary SQL commands via the "passwordreset&token" parameter.
Yeager Yeager Cms 1.2.1
1 EDB exploit
7.5
CVSSv2
CVE-2015-7568
SQL injection vulnerability in the password recovery feature in Yeager CMS 1.2.1 allows remote malicious users to change the account credentials of known users via the "userEmail" parameter.
Yeager Yeager Cms 1.2.1
1 EDB exploit
7.5
CVSSv2
CVE-2015-7569
SQL injection vulnerability in "yeager/y.php/tab_USERLIST" in Yeager CMS 1.2.1 allows local users to execute arbitrary SQL commands via the "pagedir_orderby" parameter.
Yeager Yeager Cms 1.2.1
1 EDB exploit
6.4
CVSSv2
CVE-2015-7570
Multiple server-side request forgery (SSRF) vulnerabilities in Yeager CMS 1.2.1 allow remote malicious users to trigger outbound requests and enumerate open ports via the dbhost parameter to libs/org/adodb_lite/tests/test_adodb_lite.php, libs/org/adodb_lite/tests/test_datadiction...
Yeager Yeager Cms 1.2.1
1 EDB exploit
NA
CVE-2015-7572
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2013-0237. Reason: This candidate is a duplicate of CVE-2013-0237. Notes: All CVE users should reference CVE-2013-0237 instead of this candidate. All references and descriptions in this candidate have been removed...
1 EDB exploit
NA
CVE-2023-44313
Server-Side Request Forgery (SSRF) vulnerability in Apache ServiceComb Service-Center. Attackers can obtain sensitive server information through specially crafted requests. This issue affects Apache ServiceComb prior to 2.1.0 (inclusive). Users are recommended to upgrade to version 2...
Apache Servicecomb
4
CVSSv2
CVE-2020-12643
OX App Suite 7.10.3 and previous versions have Incorrect Access Control via an /api/subscriptions request for a snippet containing an email address.
Open-xchange Open-xchange Appsuite
4
CVSSv2
CVE-2020-12644
OX App Suite 7.10.3 and previous versions allow SSRF, related to the mail account API and the /folder/list API.
Open-xchange Open-xchange Appsuite
3.5
CVSSv2
CVE-2020-12646
OX App Suite 7.10.3 and previous versions allow XSS via text/x-javascript, text/rdf, or a PDF document.
Open-xchange Open-xchange Appsuite
4
CVSSv2
CVE-2018-5751
The backend component in Open-Xchange OX App Suite prior to 7.6.3-rev36, 7.8.x prior to 7.8.2-rev39, 7.8.3 prior to 7.8.3-rev44, and 7.8.4 prior to 7.8.4-rev22 allows remote authenticated users to obtain sensitive information about external guest users via vectors related to the ...
Open-xchange Open-xchange Appsuite 7.8.4
Open-xchange Open-xchange Appsuite 7.8.3
Open-xchange Open-xchange Appsuite 7.6.3
Open-xchange Open-xchange Appsuite
Open-xchange Open-xchange Appsuite 7.8.2
Open-xchange Open-xchange Appsuite 7.8.0
1 EDB exploit