Total
1052 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2018-12609 | 1 Open-xchange | 1 Open-xchange Appsuite | 2023-12-10 | 4.0 MEDIUM | 6.5 MEDIUM |
OX App Suite 7.8.4 and earlier allows Server-Side Request Forgery. | |||||
CVE-2018-7667 | 1 Adminer | 1 Adminer | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
Adminer through 4.3.1 has SSRF via the server parameter. | |||||
CVE-2018-8939 | 1 Ipswitch | 1 Whatsup Gold | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
An SSRF issue was discovered in NmAPI.exe in Ipswitch WhatsUp Gold before 2018 (18.0). Malicious actors can submit specially crafted requests via the NmAPI executable to (1) gain unauthorized access to the WhatsUp Gold system, (2) obtain information about the WhatsUp Gold system, or (3) execute remote commands. | |||||
CVE-2018-2370 | 1 Sap | 1 Bi Launchpad | 2023-12-10 | 5.0 MEDIUM | 5.3 MEDIUM |
Server Side Request Forgery (SSRF) vulnerability in SAP Central Management Console, BI Launchpad and Fiori BI Launchpad, 4.10, from 4.20, from 4.30, could allow a malicious user to use common techniques to determine which ports are in use on the backend server. | |||||
CVE-2017-16614 | 1 Tp-shop | 1 Tpshop | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
SSRF (Server Side Request Forgery) in tpshop 2.0.5 and 2.0.6 allows remote attackers to obtain sensitive information, attack intranet hosts, or possibly trigger remote command execution via the plugins/payment/weixin/lib/WxPay.tedatac.php fBill parameter. | |||||
CVE-2018-1000185 | 1 Jenkins | 1 Github Branch Source | 2023-12-10 | 4.0 MEDIUM | 4.3 MEDIUM |
A server-side request forgery vulnerability exists in Jenkins GitHub Branch Source Plugin 2.3.4 and older in Endpoint.java that allows attackers with Overall/Read access to cause Jenkins to send a GET request to a specified URL. | |||||
CVE-2018-1000606 | 1 Jenkins | 1 Urltrigger | 2023-12-10 | 4.0 MEDIUM | 6.5 MEDIUM |
A server-side request forgery vulnerability exists in Jenkins URLTrigger Plugin 0.41 and earlier in URLTrigger.java that allows attackers with Overall/Read access to cause Jenkins to send a GET request to a specified URL. | |||||
CVE-2018-10174 | 1 Digitalguardian | 1 Management Console | 2023-12-10 | 4.0 MEDIUM | 6.5 MEDIUM |
Digital Guardian Management Console 7.1.2.0015 has an SSRF issue that allows remote attackers to read arbitrary files via file:// URLs, send TCP traffic to intranet hosts, or obtain an NTLM hash. This can occur even if the logged-in user has a read-only role. | |||||
CVE-2018-1000067 | 2 Jenkins, Oracle | 2 Jenkins, Communications Cloud Native Core Automated Test Suite | 2023-12-10 | 5.0 MEDIUM | 5.3 MEDIUM |
An improper authorization vulnerability exists in Jenkins versions 2.106 and earlier, and LTS 2.89.3 and earlier, that allows an attacker to have Jenkins submit HTTP GET requests and get limited information about the response. | |||||
CVE-2018-1000182 | 1 Jenkins | 1 Git | 2023-12-10 | 5.5 MEDIUM | 6.4 MEDIUM |
A server-side request forgery vulnerability exists in Jenkins Git Plugin 3.9.0 and older in AssemblaWeb.java, GitBlitRepositoryBrowser.java, Gitiles.java, TFS2013GitRepositoryBrowser.java, ViewGitWeb.java that allows attackers with Overall/Read access to cause Jenkins to send a GET request to a specified URL. | |||||
CVE-2017-0929 | 1 Dnnsoftware | 1 Dotnetnuke | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
DNN (aka DotNetNuke) before 9.2.0 suffers from a Server-Side Request Forgery (SSRF) vulnerability in the DnnImageHandler class. Attackers may be able to access information about internal network resources. | |||||
CVE-2018-1000056 | 1 Jenkins | 1 Junit | 2023-12-10 | 6.5 MEDIUM | 8.3 HIGH |
Jenkins JUnit Plugin 1.23 and earlier processes XML external entities in files it parses as part of the build process, allowing attackers with user permissions in Jenkins to extract secrets from the Jenkins master, perform server-side request forgery, or denial-of-service attacks. | |||||
CVE-2018-12571 | 1 Microsoft | 1 Forefront Unified Access Gateway | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
uniquesig0/InternalSite/InitParams.aspx in Microsoft Forefront Unified Access Gateway 2010 allows remote attackers to trigger outbound DNS queries for arbitrary hosts via a comma-separated list of URLs in the orig_url parameter, possibly causing a traffic amplification and/or SSRF outcome. | |||||
CVE-2018-7516 | 1 Geutebrueck | 4 G-cam\/efd-2250, G-cam\/efd-2250 Firmware, Topfd-2125 and 1 more | 2023-12-10 | 7.5 HIGH | 7.3 HIGH |
A server-side request forgery vulnerability has been identified in Geutebruck G-Cam/EFD-2250 Version 1.12.0.4 and Topline TopFD-2125 Version 3.15.1 IP cameras, which could lead to proxied network scans. | |||||
CVE-2018-1000553 | 1 Trovebox | 1 Trovebox | 2023-12-10 | 6.5 MEDIUM | 8.8 HIGH |
Trovebox version <= 4.0.0-rc6 contains a Server-Side request forgery vulnerability in webhook component that can result in read or update internal resources. This attack appear to be exploitable via HTTP request. This vulnerability appears to have been fixed in after commit 742b8ed. | |||||
CVE-2018-1000188 | 1 Jenkins | 1 Cas | 2023-12-10 | 5.5 MEDIUM | 5.4 MEDIUM |
A server-side request forgery vulnerability exists in Jenkins CAS Plugin 1.4.1 and older in CasSecurityRealm.java that allows attackers with Overall/Read access to cause Jenkins to send a GET request to a specified URL. | |||||
CVE-2018-12678 | 1 Portainer | 1 Portainer | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
Portainer before 1.18.0 supports unauthenticated requests to the websocket endpoint with an unvalidated id query parameter for the /websocket/exec endpoint, which allows remote attackers to bypass intended access restrictions or conduct SSRF attacks. | |||||
CVE-2018-1042 | 1 Moodle | 1 Moodle | 2023-12-10 | 4.0 MEDIUM | 6.5 MEDIUM |
Moodle 3.x has Server Side Request Forgery in the filepicker. | |||||
CVE-2018-1000124 | 1 I-librarian | 1 I\, Librarian | 2023-12-10 | 7.5 HIGH | 10.0 CRITICAL |
I Librarian I-librarian version 4.8 and earlier contains a XML External Entity (XXE) vulnerability in line 154 of importmetadata.php(simplexml_load_string) that can result in an attacker reading the contents of a file and SSRF. This attack appear to be exploitable via posting xml in the Parameter form_import_textarea. | |||||
CVE-2018-9919 | 1 Tp-shop | 1 Tp-shop | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
A web-accessible backdoor, with resultant SSRF, exists in Tp-shop 2.0.5 through 2.0.8, which allows remote attackers to obtain sensitive information, attack intranet hosts, or possibly trigger remote command execution, because /vendor/phpdocumentor/reflection-docblock/tests/phpDocumentor/Reflection/DocBlock/Tag/LinkTagTeet.php writes data from the "down_url" URL into the "bddlj" local file if the attacker knows the backdoor "jmmy" parameter. |