Vulnerabilities (CVE)

Filtered by CWE-918
Total 1014 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-22726 1 Schneider-electric 12 Evlink City Evc1s22p4, Evlink City Evc1s22p4 Firmware, Evlink City Evc1s7p4 and 9 more 2023-12-10 5.5 MEDIUM 8.1 HIGH
A CWE-918: Server-Side Request Forgery (SSRF) vulnerability exists in EVlink City (EVC1S22P4 / EVC1S7P4 all versions prior to R8 V3.4.0.1), EVlink Parking (EVW2 / EVF2 / EV.2 all versions prior to R8 V3.4.0.1), and EVlink Smart Wallbox (EVB1A all versions prior to R8 V3.4.0.1 ) that could allow an attacker to perform unintended actions or access to data when crafted malicious parameters are submitted to the charging station web server.
CVE-2021-20348 1 Ibm 9 Collaborative Lifecycle Management, Engineering Lifecycle Management, Engineering Lifecycle Optimization - Engineering Insights and 6 more 2023-12-10 5.5 MEDIUM 5.4 MEDIUM
IBM Jazz Foundation and IBM Engineering products are vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks. IBM X-ForceID: 194597.
CVE-2021-20480 5 Hp, Ibm, Linux and 2 more 8 Hp-ux, Aix, I and 5 more 2023-12-10 4.0 MEDIUM 6.5 MEDIUM
IBM WebSphere Application Server 7.0, 8.0, and 8.5 is vulnerable to server-side request forgery (SSRF). By sending a specially crafted request, a remote authenticated attacker could exploit this vulnerability to obtain sensitive data. IBM X-Force ID: 197502.
CVE-2020-24141 1 Wp-downloadmanager Project 1 Wp-downloadmanager 2023-12-10 5.0 MEDIUM 5.3 MEDIUM
Server-side request forgery in the WP-DownloadManager plugin 1.68.4 for WordPress lets an attacker send crafted requests from the back-end server of a vulnerable web application via the file_remote parameter to download-add.php. It can help identify open ports, local network hosts and execute command on services
CVE-2020-20582 1 Mipcms 1 Mipcms 2023-12-10 5.0 MEDIUM 7.5 HIGH
A server side request forgery (SSRF) vulnerability in /ApiAdminDomainSettings.php of MipCMS 5.0.1 allows attackers to access sensitive information.
CVE-2021-36043 1 Adobe 2 Adobe Commerce, Magento Open Source 2023-12-10 6.0 MEDIUM 6.6 MEDIUM
Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by a blind SSRF vulnerability in the bundled dotmailer extension. An attacker with admin privileges could abuse this to achieve remote code execution should Redis be enabled.
CVE-2020-35970 1 Yzmcms 1 Yzmcms 2023-12-10 5.0 MEDIUM 7.5 HIGH
An issue was discovered in YzmCMS 5.8. There is a SSRF vulnerability in the background collection management that allows arbitrary file read.
CVE-2021-34808 1 Synology 1 Media Server 2023-12-10 5.0 MEDIUM 5.3 MEDIUM
Server-Side Request Forgery (SSRF) vulnerability in cgi component in Synology Media Server before 1.8.3-2881 allows remote attackers to access intranet resources via unspecified vectors.
CVE-2020-35313 1 Wondercms 1 Wondercms 2023-12-10 7.5 HIGH 9.8 CRITICAL
A server-side request forgery (SSRF) vulnerability in the addCustomThemePluginRepository function in index.php in WonderCMS 3.1.3 allows remote attackers to execute arbitrary code via a crafted URL to the theme/plugin installer.
CVE-2021-37711 1 Shopware 1 Shopware 2023-12-10 6.5 MEDIUM 8.8 HIGH
Versions prior to 6.4.3.1 contain an authenticated server-side request forgery vulnerability in file upload via URL. Version 6.4.3.1 contains a patch. As workarounds for older versions of 6.1, 6.2, and 6.3, corresponding security measures are also available via a plugin.
CVE-2021-28627 1 Adobe 1 Experience Manager 2023-12-10 6.5 MEDIUM 8.8 HIGH
Adobe Experience Manager Cloud Service offering, as well as versions 6.5.8.0 (and below) is affected by a Server-side Request Forgery. An authenticated attacker could leverage this vulnerability to contact systems blocked by the dispatcher. Exploitation of this issue does not require user interaction.
CVE-2021-20483 4 Ibm, Linux, Microsoft and 1 more 5 Aix, Security Identity Manager, Linux Kernel and 2 more 2023-12-10 4.0 MEDIUM 6.5 MEDIUM
IBM Security Identity Manager 6.0.2 is vulnerable to server-side request forgery (SSRF). By sending a specially crafted request, a remote authenticated attacker could exploit this vulnerability to obtain sensitive data. IBM X-Force ID: 197591.
CVE-2021-29102 1 Esri 1 Arcgis Server 2023-12-10 6.4 MEDIUM 9.1 CRITICAL
A Server-Side Request Forgery (SSRF) vulnerability in ArcGIS Server Manager version 10.8.1 and below may allow a remote, unauthenticated attacker to forge GET requests to arbitrary URLs from the system, potentially leading to network enumeration or facilitating other attacks.
CVE-2021-28941 1 Magpierss Project 1 Magpierss 2023-12-10 5.0 MEDIUM 5.3 MEDIUM
Because of no validation on a curl command in MagpieRSS 0.72 in the /extlib/Snoopy.class.inc file, when you send a request to the /scripts/magpie_debug.php or /scripts/magpie_simple.php page, it's possible to request any internal page if you use a https request.
CVE-2021-33181 1 Synology 1 Video Station 2023-12-10 6.5 MEDIUM 9.1 CRITICAL
Server-Side Request Forgery (SSRF) vulnerability in webapi component in Synology Video Station before 2.4.10-1632 allows remote authenticated users to send arbitrary request to intranet resources via unspecified vectors.
CVE-2021-32603 1 Fortinet 2 Fortianalyzer, Fortimanager 2023-12-10 4.0 MEDIUM 6.5 MEDIUM
A server-side request forgery (SSRF) (CWE-918) vulnerability in FortiManager and FortiAnalyser GUI 7.0.0, 6.4.5 and below, 6.2.7 and below, 6.0.11 and below, 5.6.11 and below may allow a remote and authenticated attacker to access unauthorized files and services on the system via specifically crafted web requests.
CVE-2021-32639 1 Nsa 1 Emissary 2023-12-10 6.5 MEDIUM 9.9 CRITICAL
Emissary is a P2P-based, data-driven workflow engine. Emissary version 6.4.0 is vulnerable to Server-Side Request Forgery (SSRF). In particular, the `RegisterPeerAction` endpoint and the `AddChildDirectoryAction` endpoint are vulnerable to SSRF. This vulnerability may lead to credential leaks. Emissary version 7.0 contains a patch. As a workaround, disable network access to Emissary from untrusted sources.
CVE-2021-22696 2 Apache, Oracle 6 Cxf, Business Intelligence, Communications Diameter Intelligence Hub and 3 more 2023-12-10 5.0 MEDIUM 7.5 HIGH
CXF supports (via JwtRequestCodeFilter) passing OAuth 2 parameters via a JWT token as opposed to query parameters (see: The OAuth 2.0 Authorization Framework: JWT Secured Authorization Request (JAR)). Instead of sending a JWT token as a "request" parameter, the spec also supports specifying a URI from which to retrieve a JWT token from via the "request_uri" parameter. CXF was not validating the "request_uri" parameter (apart from ensuring it uses "https) and was making a REST request to the parameter in the request to retrieve a token. This means that CXF was vulnerable to DDos attacks on the authorization server, as specified in section 10.4.1 of the spec. This issue affects Apache CXF versions prior to 3.4.3; Apache CXF versions prior to 3.3.10.
CVE-2021-20346 1 Ibm 9 Collaborative Lifecycle Management, Engineering Lifecycle Management, Engineering Lifecycle Optimization - Engineering Insights and 6 more 2023-12-10 5.5 MEDIUM 5.4 MEDIUM
IBM Jazz Foundation and IBM Engineering products are vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks. IBM X-Force ID: 194595.
CVE-2021-27905 1 Apache 1 Solr 2023-12-10 7.5 HIGH 9.8 CRITICAL
The ReplicationHandler (normally registered at "/replication" under a Solr core) in Apache Solr has a "masterUrl" (also "leaderUrl" alias) parameter that is used to designate another ReplicationHandler on another Solr core to replicate index data into the local core. To prevent a SSRF vulnerability, Solr ought to check these parameters against a similar configuration it uses for the "shards" parameter. Prior to this bug getting fixed, it did not. This problem affects essentially all Solr versions prior to it getting fixed in 8.8.2.