Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ssrf vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2021-23718
The package ssrf-agent prior to 1.0.5 are vulnerable to Server-side Request Forgery (SSRF) via the defaultIpChecker function. It fails to properly validate if the IP requested is private.
Ssrf-agent Project Ssrf-agent
NA
CVE-2015-5255
Adobe BlazeDS, as used in ColdFusion 10 before Update 18 and 11 before Update 7 and LiveCycle Data Services 3.0.x prior to 3.0.0.354175, 3.1.x prior to 3.1.0.354180, 4.5.x prior to 4.5.1.354177, 4.6.2.x prior to 4.6.2.354178, and 4.7.x prior to 4.7.0.354178, allows remote malicio...
Hp Xp7 Command View Advanced Edition -
Hp Xp P9000 Command View Advanced Edition -
Adobe Coldfusion
Adobe Livecycle Data Services 4.6
Adobe Livecycle Data Services 4.7
Adobe Livecycle Data Services 3.0
Adobe Livecycle Data Services 4.5
9.8
CVSSv3
CVE-2018-9919
A web-accessible backdoor, with resultant SSRF, exists in Tp-shop 2.0.5 up to and including 2.0.8, which allows remote malicious users to obtain sensitive information, attack intranet hosts, or possibly trigger remote command execution, because /vendor/phpdocumentor/reflection-do...
Tp-shop Tp-shop
NA
CVE-2014-7959
SQL injection vulnerability in admin/htaccess/bpsunlock.php in the BulletProof Security plugin before .51.1 for WordPress allows remote authenticated users to execute arbitrary SQL commands via the tableprefix parameter.
Ait-pro Bulletproof Security .45.4
Ait-pro Bulletproof Security .45.5
Ait-pro Bulletproof Security .45.6
Ait-pro Bulletproof Security .46.3
Ait-pro Bulletproof Security .46.4
Ait-pro Bulletproof Security .47.1
Ait-pro Bulletproof Security .47.2
Ait-pro Bulletproof Security .48
Ait-pro Bulletproof Security .48.1
Ait-pro Bulletproof Security .48.8
Ait-pro Bulletproof Security .48.9
Ait-pro Bulletproof Security .49.6
Ait-pro Bulletproof Security .49.7
Ait-pro Bulletproof Security .45.2
Ait-pro Bulletproof Security .45.3
Ait-pro Bulletproof Security .50.7
Ait-pro Bulletproof Security .50.8
Ait-pro Bulletproof Security .45.9
Ait-pro Bulletproof Security .46
Ait-pro Bulletproof Security .46.7
Ait-pro Bulletproof Security .46.8
Ait-pro Bulletproof Security .47.5
NA
CVE-2014-8749
Server-side request forgery (SSRF) vulnerability in admin/htaccess/bpsunlock.php in the BulletProof Security plugin before .51.1 for WordPress allows remote malicious users to trigger outbound requests that authenticate to arbitrary databases via the dbhost parameter.
Ait-pro Bulletproof Security
9.6
CVSSv3
CVE-2023-1895
The Getwid – Gutenberg Blocks plugin for WordPress is vulnerable to Server Side Request Forgery via the get_remote_content REST API endpoint in versions up to, and including, 1.8.3. This can allow authenticated attackers with subscriber-level permissions or above to make we...
Motopress Getwid - Gutenberg Blocks
4.3
CVSSv3
CVE-2023-1910
The Getwid – Gutenberg Blocks plugin for WordPress is vulnerable to unauthorized modification of data due to an insufficient capability check on the get_remote_templates function in versions up to, and including, 1.8.3. This makes it possible for authenticated attackers wit...
Motopress Getwid - Gutenberg Blocks
NA
CVE-2014-7958
Cross-site scripting (XSS) vulnerability in admin/htaccess/bpsunlock.php in the BulletProof Security plugin before .51.1 for WordPress allows remote malicious users to inject arbitrary web script or HTML via the dbhost parameter.
Ait-pro Bulletproof Security .50.4
Ait-pro Bulletproof Security .50.3
Ait-pro Bulletproof Security .44.1
Ait-pro Bulletproof Security .44
Ait-pro Bulletproof Security .49.3
Ait-pro Bulletproof Security .49.2
Ait-pro Bulletproof Security .48.5
Ait-pro Bulletproof Security .48.4
Ait-pro Bulletproof Security .47.7
Ait-pro Bulletproof Security .47.6
Ait-pro Bulletproof Security .47.5
Ait-pro Bulletproof Security .46.8
Ait-pro Bulletproof Security .46.7
Ait-pro Bulletproof Security .46
Ait-pro Bulletproof Security .45.9
Ait-pro Bulletproof Security .50.6
Ait-pro Bulletproof Security .50.5
Ait-pro Bulletproof Security .45.1
Ait-pro Bulletproof Security .45
Ait-pro Bulletproof Security .49.5
Ait-pro Bulletproof Security .49.4
Ait-pro Bulletproof Security .48.7
5.4
CVSSv3
CVE-2018-13103
OX App Suite 7.8.4 and previous versions allows SSRF.
Open-xchange Open-xchange Appsuite
5.4
CVSSv3
CVE-2018-13104
OX App Suite 7.8.4 and previous versions allows XSS. Internal reference: 58742 (Bug ID)
Open-xchange Open-xchange Appsuite
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4654
CVE-2023-49606
encryption
NULL pointer dereference
CVE-2024-4439
CVE-2024-4649
race condition
CVE-2024-27202
CVE-2024-34566
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »