Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
server-side request forgery vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2021-22027
The vRealize Operations Manager API (8.x before 8.5) contains a Server Side Request Forgery in an end point. An unauthenticated malicious actor with network access to the vRealize Operations Manager API can perform a Server Side Request Forgery attack leading to information discl...
Vmware Cloud Foundation
Vmware Vrealize Operations Manager 7.5.0
Vmware Vrealize Operations Manager
Vmware Vrealize Suite Lifecycle Manager
4.3
CVSSv2
CVE-2015-1764
The web applications in Microsoft Exchange Server 2013 SP1 and Cumulative Update 8 allow remote malicious users to bypass the Same Origin Policy and send HTTP traffic to intranet servers via a crafted request, related to a Server-Side Request Forgery (SSRF) issue, aka "Excha...
Microsoft Exchange Server 2013
10
CVSSv2
CVE-2021-22986
On BIG-IP versions 16.0.x prior to 16.0.1.1, 15.1.x prior to 15.1.2.1, 14.1.x prior to 14.1.4, 13.1.x prior to 13.1.3.6, and 12.1.x prior to 12.1.5.3 amd BIG-IQ 7.1.0.x prior to 7.1.0.3 and 7.0.0.x prior to 7.0.0.2, the iControl REST interface has an unauthenticated remote comman...
F5 Big-ip Access Policy Manager
F5 Big-ip Advanced Firewall Manager
F5 Big-ip Application Acceleration Manager
F5 Big-ip Analytics
F5 Big-ip Application Security Manager
F5 Big-ip Domain Name System
F5 Big-ip Global Traffic Manager
F5 Big-ip Fraud Protection Service
F5 Big-ip Link Controller
F5 Big-ip Advanced Web Application Firewall
F5 Big-ip Ddos Hybrid Defender
F5 Big-ip Local Traffic Manager
F5 Big-ip Policy Enforcement Manager
F5 Big-iq Centralized Management
F5 Ssl Orchestrator
1 Metasploit module
23 Github repositories
2 Articles
NA
CVE-2023-40148
Server-side request forgery (SSRF) in PingFederate allows unauthenticated http requests to attack network resources and consume server-side resources via forged HTTP POST requests.
4
CVSSv2
CVE-2021-3758
bookstack is vulnerable to Server-Side Request Forgery (SSRF)
Bookstackapp Bookstack
5
CVSSv2
CVE-2022-0132
peertube is vulnerable to Server-Side Request Forgery (SSRF)
Framasoft Peertube -
7.5
CVSSv2
CVE-2022-0086
uppy is vulnerable to Server-Side Request Forgery (SSRF)
Transloadit Uppy
NA
CVE-2022-37938
Unauthenticated server side request forgery in HPE Serviceguard Manager
Hpe Serviceguard For Linux
6.5
CVSSv2
CVE-2021-4075
snipe-it is vulnerable to Server-Side Request Forgery (SSRF)
Snipeitapp Snipe-it -
5
CVSSv2
CVE-2021-44139
Sentinel 1.8.2 is vulnerable to Server-side request forgery (SSRF).
Hashicorp Sentinel 1.8.2
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
administrator privileges
CVE-2024-1579
hardcoded
CVE-2023-20198
CVE-2024-33587
CVE-2024-33449
CVE-2024-4308
HTML injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »