Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

server-side request forgery vulnerabilities and exploits

(subscribe to this query)

9.8
CVSSv3
CVE-2020-23534
A server-side request forgery (SSRF) vulnerability in Upgrade.php of gopeak masterlab 2.1.5, via the 'source' parameter....
Masterlab Masterlab 2.1.5
9.8
CVSSv3
CVE-2022-27429
Jizhicms v1.9.5 was discovered to contain a Server-Side Request Forgery (SSRF) vulnerability via /admin.php/Plugins/update.html....
Jizhicms Jizhicms 1.9.5
4.3
CVSSv3
CVE-2018-1000185
A server-side request forgery vulnerability exists in Jenkins GitHub Branch Source Plugin 2.3.4 and older in Endpoint.java that allows attackers with Overall/Read access to cause Jenkins to send a GET request to a specified URL....
Jenkins Github Branch Source
4.3
CVSSv3
CVE-2022-34011
OneBlog v2.3.4 was discovered to contain a Server-Side Request Forgery (SSRF) vulnerability via the parameter entryUrls....
Zhyd Oneblog 2.3.4
7.5
CVSSv3
CVE-2020-20582
A server side request forgery (SSRF) vulnerability in /ApiAdminDomainSettings.php of MipCMS 5.0.1 allows attackers to access sensitive information....
Mipcms Mipcms 5.0.1
6.5
CVSSv3
CVE-2022-28090
Jspxcms v10.2.0 allows attackers to execute a Server-Side Request Forgery (SSRF) via /cmscp/ext/collect/fetch_url.do?url=....
Ujcms Jspxcms 10.2.0
9.1
CVSSv3
CVE-2022-31827
MonstaFTP v2.10.3 was discovered to contain a Server-Side Request Forgery (SSRF) via the function performFetchRequest at HTTPFetcher.php....
Monstaftp Monstaftp 2.10.3
9.8
CVSSv3
CVE-2022-27311
Gibbon v3.4.4 and below allows attackers to execute a Server-Side Request Forgery (SSRF) via a crafted URL....
Gibbon Project Gibbon
9.8
CVSSv3
CVE-2022-24568
Novel-plus v3.6.0 was discovered to be vulnerable to Server-Side Request Forgery (SSRF) via user-supplied crafted input....
Novel-plus Project Novel-plus 3.6.0
9.8
CVSSv3
CVE-2017-0889
Paperclip ruby gem version 3.1.4 and later suffers from a Server-SIde Request Forgery (SSRF) vulnerability in the Paperclip::UriAdapter class. Attackers may be able to access information about internal network resources....
Thoughtbot Paperclip
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-32034CVE-2022-2285IMAPCVE-2021-26855CVE-2022-32030CVE-2022-26763injectCVE-2022-32039SQL injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook