Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ssrf vulnerabilities and exploits
(subscribe to this query)
755
VMScore
CVE-2015-7568
SQL injection vulnerability in the password recovery feature in Yeager CMS 1.2.1 allows remote malicious users to change the account credentials of known users via the "userEmail" parameter.
Yeager Yeager Cms 1.2.1
1 EDB exploit
755
VMScore
CVE-2015-7569
SQL injection vulnerability in "yeager/y.php/tab_USERLIST" in Yeager CMS 1.2.1 allows local users to execute arbitrary SQL commands via the "pagedir_orderby" parameter.
Yeager Yeager Cms 1.2.1
1 EDB exploit
645
VMScore
CVE-2015-7570
Multiple server-side request forgery (SSRF) vulnerabilities in Yeager CMS 1.2.1 allow remote malicious users to trigger outbound requests and enumerate open ports via the dbhost parameter to libs/org/adodb_lite/tests/test_adodb_lite.php, libs/org/adodb_lite/tests/test_datadiction...
Yeager Yeager Cms 1.2.1
1 EDB exploit
NA
CVE-2015-7572
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2013-0237. Reason: This candidate is a duplicate of CVE-2013-0237. Notes: All CVE users should reference CVE-2013-0237 instead of this candidate. All references and descriptions in this candidate have been removed...
1 EDB exploit
685
VMScore
CVE-2015-7571
Unrestricted file upload vulnerability in Yeager CMS 1.2.1 allows remote malicious users to execute arbitrary code by uploading a file with an executable extension.
Yeager Yeager Cms 1.2.1
1 EDB exploit
356
VMScore
CVE-2020-12644
OX App Suite 7.10.3 and previous versions allows SSRF, related to the mail account API and the /folder/list API.
Open-xchange Open-xchange Appsuite
NA
CVE-2023-44313
Server-Side Request Forgery (SSRF) vulnerability in Apache ServiceComb Service-Center. Attackers can obtain sensitive server information through specially crafted requests.This issue affects Apache ServiceComb prior to 2.1.0(include). Users are recommended to upgrade to version 2...
Apache Servicecomb
405
VMScore
CVE-2018-5751
The backend component in Open-Xchange OX App Suite prior to 7.6.3-rev36, 7.8.x prior to 7.8.2-rev39, 7.8.3 prior to 7.8.3-rev44, and 7.8.4 prior to 7.8.4-rev22 allows remote authenticated users to obtain sensitive information about external guest users via vectors related to the ...
Open-xchange Open-xchange Appsuite 7.8.4
Open-xchange Open-xchange Appsuite 7.8.3
Open-xchange Open-xchange Appsuite 7.6.3
Open-xchange Open-xchange Appsuite
Open-xchange Open-xchange Appsuite 7.8.2
Open-xchange Open-xchange Appsuite 7.8.0
1 EDB exploit
405
VMScore
CVE-2018-5753
The frontend component in Open-Xchange OX App Suite prior to 7.6.3-rev31, 7.8.x prior to 7.8.2-rev31, 7.8.3 prior to 7.8.3-rev41, and 7.8.4 prior to 7.8.4-rev20 allows remote malicious users to spoof the origin of e-mails via unicode characters in the "personal part" of...
Open-xchange Open-xchange Appsuite 7.8.4
Open-xchange Open-xchange Appsuite 7.8.3
Open-xchange Open-xchange Appsuite 7.6.3
Open-xchange Open-xchange Appsuite 7.8.0
Open-xchange Open-xchange Appsuite 7.8.2
Open-xchange Open-xchange Appsuite
1 EDB exploit
355
VMScore
CVE-2018-5754
Cross-site scripting (XSS) vulnerability in the office-web component in Open-Xchange OX App Suite prior to 7.8.3-rev12 and 7.8.4 prior to 7.8.4-rev9 allows remote malicious users to inject arbitrary web script or HTML via a crafted presentation file, related to copying content to...
Open-xchange Open-xchange Appsuite 7.8.4
Open-xchange Open-xchange Appsuite 7.8.3
Open-xchange Open-xchange Appsuite
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4651
CVE-2024-34255
elevation of privilege
CVE-2024-25529
CVE-2024-4671
NULL pointer dereference
CVE-2024-25527
template injection
CVE-2008-0166
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »