Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
server-side request forgery vulnerabilities and exploits
(subscribe to this query)
445
VMScore
CVE-2021-25241
A server-side request forgery (SSRF) information disclosure vulnerability in Trend Micro Apex One and Worry-Free Business Security 10.0 SP1 could allow an unauthenticated user to locate online agents via a sweep.
Trendmicro Apex One 2019
Trendmicro Worry-free Business Security 10.0
668
VMScore
CVE-2021-24472
The OnAir2 WordPress theme prior to 3.9.9.2 and QT KenthaRadio WordPress plugin prior to 2.0.2 have exposed proxy functionality to unauthenticated users, sending requests to this proxy functionality will have the web server fetch and display the content from any URI, this would a...
Qantumthemes Kentharadio
Qantumthemes Onair2
NA
CVE-2024-4561
In WhatsUp Gold versions released prior to 2023.1.2 , a blind SSRF vulnerability exists in Whatsup Gold's FaviconController that allows an malicious user to send arbitrary HTTP requests on behalf of the vulnerable server.
NA
CVE-2024-4562
In WhatsUp Gold versions released prior to 2023.1.2 , an SSRF vulnerability exists in Whatsup Gold's Issue exists in the HTTP Monitoring functionality. Due to the lack of proper authorization, any authenticated user can access the HTTP monitoring functionality, what leads t...
NA
CVE-2023-52331
A post-authenticated server-side request forgery (SSRF) vulnerability in Trend Micro Apex Central could allow an malicious user to interact with internal or local services directly. Please note: an attacker must first obtain the ability to execute low-privileged code on the targe...
Trendmicro Apex Central 2019
645
VMScore
CVE-2017-3546
Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: MultiChannel Framework). Supported versions that are affected are 8.54 and 8.55. Easily "exploitable" vulnerability allows unauthenticated attacker with network...
Oracle Peoplesoft Enterprise Peopletools 8.54
Oracle Peoplesoft Enterprise Peopletools 8.55
1 EDB exploit
NA
CVE-2023-38625
A post-authenticated server-side request forgery (SSRF) vulnerability in Trend Micro Apex Central 2019 (lower than build 6481) could allow an malicious user to interact with internal or local services directly. Please note: an attacker must first obtain the ability to execute low...
Trendmicro Apex Central 2019
NA
CVE-2023-38626
A post-authenticated server-side request forgery (SSRF) vulnerability in Trend Micro Apex Central 2019 (lower than build 6481) could allow an malicious user to interact with internal or local services directly. Please note: an attacker must first obtain the ability to execute low...
Trendmicro Apex Central 2019
NA
CVE-2023-38627
A post-authenticated server-side request forgery (SSRF) vulnerability in Trend Micro Apex Central 2019 (lower than build 6481) could allow an malicious user to interact with internal or local services directly. Please note: an attacker must first obtain the ability to execute low...
Trendmicro Apex Central 2019
384
VMScore
CVE-2018-1000600
A exposure of sensitive information vulnerability exists in Jenkins GitHub Plugin 1.29.1 and previous versions in GitHubTokenCredentialsCreator.java that allows malicious users to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, ...
Jenkins Github
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
path traversal
CVE-2024-33545
CVE-2024-35725
CVE-2024-32704
overflow
file upload
CVE-2024-0230
CVE-2024-32705
CVE-2024-23692
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »