Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2023-3744

Summary
Assigner-INCIBE
Assigner Org ID-0cbda920-cd7f-484a-8e76-bf7f4b7f4516
Published At-02 Oct, 2023 | 13:50
Updated At-20 Sep, 2024 | 14:52
Rejected At-
Credits

Server-Side Request Forgery in SLiMS

Server-Side Request Forgery vulnerability in SLims version 9.6.0. This vulnerability could allow an authenticated attacker to send requests to internal services or upload the contents of relevant files via the "scrape_image.php" file in the imageURL parameter.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:INCIBE
Assigner Org ID:0cbda920-cd7f-484a-8e76-bf7f4b7f4516
Published At:02 Oct, 2023 | 13:50
Updated At:20 Sep, 2024 | 14:52
Rejected At:
▼CVE Numbering Authority (CNA)
Server-Side Request Forgery in SLiMS

Server-Side Request Forgery vulnerability in SLims version 9.6.0. This vulnerability could allow an authenticated attacker to send requests to internal services or upload the contents of relevant files via the "scrape_image.php" file in the imageURL parameter.

Affected Products
Vendor
SLiMS
Product
SLiMS
Default Status
unaffected
Versions
Affected
  • 9.6.0
Problem Types
TypeCWE IDDescription
CWECWE-918CWE-918 Server-Side Request Forgery (SSRF)
Type: CWE
CWE ID: CWE-918
Description: CWE-918 Server-Side Request Forgery (SSRF)
Metrics
VersionBase scoreBase severityVector
3.19.9CRITICAL
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Version: 3.1
Base score: 9.9
Base severity: CRITICAL
Vector:
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
CAPEC-664CAPEC-664 Server Side Request Forgery
CAPEC ID: CAPEC-664
Description: CAPEC-664 Server Side Request Forgery
Solutions

The vulnerability has been fixed in the latest version of SLiMS.

Configurations

Workarounds

Exploits

Credits

finder
David Utón Amaya (m3n0sd0n4ld).
Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
https://www.incibe.es/en/incibe-cert/notices/aviso/server-side-request-forgery-slims
N/A
Hyperlink: https://www.incibe.es/en/incibe-cert/notices/aviso/server-side-request-forgery-slims
Resource: N/A
▼Authorized Data Publishers (ADP)
1. CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
https://www.incibe.es/en/incibe-cert/notices/aviso/server-side-request-forgery-slims
x_transferred
Hyperlink: https://www.incibe.es/en/incibe-cert/notices/aviso/server-side-request-forgery-slims
Resource:
x_transferred
2. CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve-coordination@incibe.es
Published At:02 Oct, 2023 | 14:15
Updated At:04 Oct, 2023 | 13:41

Server-Side Request Forgery vulnerability in SLims version 9.6.0. This vulnerability could allow an authenticated attacker to send requests to internal services or upload the contents of relevant files via the "scrape_image.php" file in the imageURL parameter.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.18.8HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Secondary3.19.9CRITICAL
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Type: Primary
Version: 3.1
Base score: 8.8
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Type: Secondary
Version: 3.1
Base score: 9.9
Base severity: CRITICAL
Vector:
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
CPE Matches

slims
slims
>>senayan_library_management_system>>9.6.0
cpe:2.3:a:slims:senayan_library_management_system:9.6.0:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-918Primarynvd@nist.gov
CWE-918Secondarycve-coordination@incibe.es
CWE ID: CWE-918
Type: Primary
Source: nvd@nist.gov
CWE ID: CWE-918
Type: Secondary
Source: cve-coordination@incibe.es
Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References
HyperlinkSourceResource
https://www.incibe.es/en/incibe-cert/notices/aviso/server-side-request-forgery-slimscve-coordination@incibe.es
Third Party Advisory
Hyperlink: https://www.incibe.es/en/incibe-cert/notices/aviso/server-side-request-forgery-slims
Source: cve-coordination@incibe.es
Resource:
Third Party Advisory

Change History

0
Information is not available yet

Similar CVEs

118Records found

CVE-2023-48893
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-0.75% / 50.31%
||
7 Day CHG~0.00%
Published-01 Dec, 2023 | 00:00
Updated-02 Aug, 2024 | 21:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

SLiMS (aka SENAYAN Library Management System) through 9.6.1 allows admin/modules/reporting/customs/staff_act.php SQL Injection via startDate or untilDate.

Action-Not Available
Vendor-slimsn/a
Product-senayan_library_management_system_buliann/a
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2023-48813
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-0.75% / 50.31%
||
7 Day CHG~0.00%
Published-01 Dec, 2023 | 00:00
Updated-02 Aug, 2024 | 21:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Senayan Library Management Systems (Slims) 9 Bulian v9.6.1 is vulnerable to SQL Injection via admin/modules/reporting/customs/fines_report.php.

Action-Not Available
Vendor-slimsn/a
Product-senayan_library_management_system_buliann/a
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2023-45996
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-1.08% / 60.91%
||
7 Day CHG~0.00%
Published-31 Oct, 2023 | 00:00
Updated-05 Sep, 2024 | 19:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

SQL injection vulnerability in Senayan Library Management Systems Slims v.9 and Bulian v.9.6.1 allows a remote attacker to obtain sensitive information and execute arbitrary code via a crafted script to the reborrowLimit parameter in the member_type.php.

Action-Not Available
Vendor-slimsn/a
Product-senayan_library_management_system_buliansenayan_library_management_systemn/a
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2023-40970
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-0.62% / 45.18%
||
7 Day CHG~0.00%
Published-01 Sep, 2023 | 00:00
Updated-01 Oct, 2024 | 13:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Senayan Library Management Systems SLIMS 9 Bulian v 9.6.1 is vulnerable to SQL Injection via admin/modules/circulation/loan_rules.php.

Action-Not Available
Vendor-slimsn/a
Product-senayan_library_management_systemn/a
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2021-45791
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-0.95% / 57.05%
||
7 Day CHG~0.00%
Published-17 Mar, 2022 | 10:35
Updated-04 Aug, 2024 | 04:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Slims8 Akasia 8.3.1 is affected by SQL injection in /admin/modules/bibliography/index.php, /admin/modules/membership/member_type.php, /admin/modules/system/user_group.php, and /admin/modules/membership/index.php through the dir parameter. It can be used by remotely authenticated librarian users.

Action-Not Available
Vendor-slimsn/a
Product-senayan_library_management_systemn/a
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2022-38292
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.77% / 51.18%
||
7 Day CHG~0.00%
Published-12 Sep, 2022 | 20:30
Updated-03 Aug, 2024 | 10:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

SLiMS Senayan Library Management System v9.4.2 was discovered to contain multiple Server-Side Request Forgeries via the components /bibliography/marcsru.php and /bibliography/z3950sru.php.

Action-Not Available
Vendor-slimsn/a
Product-senayan_library_management_systemn/a
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2023-40969
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-6.1||MEDIUM
EPSS-0.34% / 26.05%
||
7 Day CHG~0.00%
Published-01 Sep, 2023 | 00:00
Updated-01 Oct, 2024 | 13:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Senayan Library Management Systems SLIMS 9 Bulian v9.6.1 is vulnerable to Server Side Request Forgery (SSRF) via admin/modules/bibliography/pop_p2p.php.

Action-Not Available
Vendor-slimsn/a
Product-senayan_library_management_systemn/a
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2022-43183
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-1.60% / 72.87%
||
7 Day CHG~0.00%
Published-17 Nov, 2022 | 00:00
Updated-29 Apr, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

XXL-Job before v2.3.1 contains a Server-Side Request Forgery (SSRF) via the component /admin/controller/JobLogController.java.

Action-Not Available
Vendor-xuxuelin/aXuxueli
Product-xxl-jobn/a
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2024-24113
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-0.56% / 42.79%
||
7 Day CHG~0.00%
Published-08 Feb, 2024 | 00:00
Updated-15 May, 2025 | 20:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

xxl-job =< 2.4.1 has a Server-Side Request Forgery (SSRF) vulnerability, which causes low-privileged users to control executor to RCE.

Action-Not Available
Vendor-xuxuelin/a
Product-xxl-jobn/a
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2022-41040
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-8.8||HIGH
EPSS-99.94% / 99.97%
||
7 Day CHG~0.00%
Published-03 Oct, 2022 | 00:00
Updated-30 Oct, 2025 | 19:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2022-10-21||Apply updates per vendor instructions.
Microsoft Exchange Server Elevation of Privilege Vulnerability

Microsoft Exchange Server Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-exchange_serverMicrosoft Exchange Server 2016 Cumulative Update 22Microsoft Exchange Server 2019 Cumulative Update 11Microsoft Exchange Server 2016 Cumulative Update 23Microsoft Exchange Server 2013 Cumulative Update 23Microsoft Exchange Server 2019 Cumulative Update 12Exchange Server
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2022-38931
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-1.10% / 61.70%
||
7 Day CHG+0.01%
Published-20 Sep, 2022 | 19:58
Updated-28 May, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A Server-Side Request Forgery (SSRF) in fetch_net_file_upload function of baijiacmsV4 v4.1.4 allows remote attackers to force the application to make arbitrary requests via injection of arbitrary URLs into the url parameter.

Action-Not Available
Vendor-baijiacms_projectn/a
Product-baijiacmsn/a
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2026-45499
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-9.9||CRITICAL
EPSS-Not Assigned
Published-02 Jul, 2026 | 22:18
Updated-03 Jul, 2026 | 21:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Azure OpenAI Elevation of Privilege Vulnerability

Server-side request forgery (ssrf) in Azure OpenAI allows an authorized attacker to elevate privileges over a network.

Action-Not Available
Vendor-Microsoft Corporation
Product-Azure Open AI
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2026-57100
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-9.9||CRITICAL
EPSS-Not Assigned
Published-02 Jul, 2026 | 22:18
Updated-03 Jul, 2026 | 21:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Microsoft Entra Provisioning Service Elevation of Privilege Vulnerability

Server-side request forgery (ssrf) in Microsoft Entra Provisioning Service (SyncFabric) allows an authorized attacker to elevate privileges over a network.

Action-Not Available
Vendor-Microsoft Corporation
Product-Microsoft Entra Provisioning Service
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2024-13139
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-5.3||MEDIUM
EPSS-0.53% / 41.20%
||
7 Day CHG~0.00%
Published-05 Jan, 2025 | 11:00
Updated-10 Jan, 2025 | 21:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
wangl1989 mysiteforme FileController doContent server-side request forgery

A vulnerability was found in wangl1989 mysiteforme 1.0. It has been rated as critical. This issue affects the function doContent of the file src/main/java/com/mysiteform/admin/controller/system/FileController. The manipulation of the argument content leads to server-side request forgery. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-wangl1989wangl1989
Product-mysiteformemysiteforme
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2024-13029
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-5.3||MEDIUM
EPSS-0.51% / 39.80%
||
7 Day CHG+0.01%
Published-29 Dec, 2024 | 23:31
Updated-21 Aug, 2025 | 17:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Antabot White-Jotter Edit Book book server-side request forgery

A vulnerability, which was classified as problematic, was found in Antabot White-Jotter up to 0.2.2. Affected is an unknown function of the file /admin/content/book of the component Edit Book Handler. The manipulation leads to server-side request forgery. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-antabotAntabot
Product-white-jotterWhite-Jotter
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2023-1977
Matching Score-4
Assigner-WPScan
ShareView Details
Matching Score-4
Assigner-WPScan
CVSS Score-8.8||HIGH
EPSS-0.82% / 52.85%
||
7 Day CHG~0.00%
Published-16 Aug, 2023 | 11:03
Updated-08 Oct, 2024 | 19:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Booking Manager < 2.0.29 - Subscriber+ SSRF

The Booking Manager WordPress plugin before 2.0.29 does not validate URLs input in it's admin panel or in shortcodes for showing events from a remote .ics file, allowing an attacker with privileges as low as Subscriber to perform SSRF attacks on the sites internal network.

Action-Not Available
Vendor-opluginsUnknown
Product-booking_managerBooking Manager
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2024-2828
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.3||MEDIUM
EPSS-0.56% / 42.27%
||
7 Day CHG~0.00%
Published-22 Mar, 2024 | 19:31
Updated-21 Aug, 2025 | 17:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
lakernote EasyAdmin IndexController.java thumbnail server-side request forgery

A vulnerability, which was classified as critical, was found in lakernote EasyAdmin up to 20240315. Affected is the function thumbnail of the file src/main/java/com/laker/admin/module/sys/controller/IndexController.java. The manipulation of the argument url leads to server-side request forgery. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The patch is identified as 23165d8cb569048c531150f194fea39f8800b8d5. It is recommended to apply a patch to fix this issue. VDB-257718 is the identifier assigned to this vulnerability.

Action-Not Available
Vendor-lakernotelakernotelakernote
Product-easyadminEasyAdmineasyadmin
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2022-38298
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-0.62% / 45.18%
||
7 Day CHG~0.00%
Published-12 Sep, 2022 | 21:49
Updated-03 Aug, 2024 | 10:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Appsmith v1.7.11 was discovered to allow attackers to execute an authenticated Server-Side Request Forgery (SSRF) via redirecting incoming requests to the AWS internal metadata endpoint.

Action-Not Available
Vendor-appsmithn/a
Product-appsmithn/a
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2022-36997
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.1||HIGH
EPSS-0.60% / 44.52%
||
7 Day CHG+0.01%
Published-28 Jul, 2022 | 00:50
Updated-03 Aug, 2024 | 10:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could remotely trigger impacts that include arbitrary file read, Server-Side Request Forgery (SSRF), and denial of service.

Action-Not Available
Vendor-n/aVeritas Technologies LLC
Product-flex_appliancenetbackup_appliancenetbackupflex_scalen/a
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2026-9813
Matching Score-4
Assigner-Computer Incident Response Center Luxembourg (CIRCL)
ShareView Details
Matching Score-4
Assigner-Computer Incident Response Center Luxembourg (CIRCL)
CVSS Score-6.2||MEDIUM
EPSS-0.23% / 13.98%
||
7 Day CHG~0.00%
Published-28 May, 2026 | 09:27
Updated-04 Jun, 2026 | 18:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
FlowIntel external reference URL probe allows server-side request forgery

FlowIntel up to version 3.3.0 contains a server-side request forgery (SSRF) vulnerability in the external reference URL probe functionality in app/case/task.py. An attacker who can submit an external reference URL can cause the application server to issue an HTTP HEAD request to an attacker-specified destination. Due to insufficient validation of the URL scheme and resolved destination address, affected versions may allow requests to loopback, link-local, private, reserved, or other restricted network resources, potentially enabling interaction with internal services or cloud metadata endpoints from the server's network context.

Action-Not Available
Vendor-flowintelflowintel
Product-flowintelflowintel
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2026-7253
Matching Score-4
Assigner-IBM Corporation
ShareView Details
Matching Score-4
Assigner-IBM Corporation
CVSS Score-5.3||MEDIUM
EPSS-0.20% / 10.00%
||
7 Day CHG+0.02%
Published-22 Jun, 2026 | 15:21
Updated-30 Jun, 2026 | 14:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
IBM Watson Speech Services Cartridge is vulnerable to Server-Side Request Forgery (SSRF) in Sterling File Gateway

IBM Watson Speech Services Cartridge is vulnerable to Server-Side Request Forgery (SSRF) in Sterling File Gateway, due to a flaw which may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks [GHSA-rr7j-v2q5-chgv] [CVE-2026-7253]. IBM Sterling File Gateway is used in our speech runtimes. This vulnerabilitiy has been addressed. Please read the details for remediation below.

Action-Not Available
Vendor-IBM Corporation
Product-watson_speech_services_cartridgeIBM Watson Speech Services Cartridge
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2026-56348
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-5.3||MEDIUM
EPSS-0.26% / 17.55%
||
7 Day CHG~0.00%
Published-22 Jun, 2026 | 21:04
Updated-24 Jun, 2026 | 16:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
n8n - Credential Exfiltration via Allowed HTTP Request Domains Bypass in Dynamic Node Parameters Endpoint

n8n before 2.20.0 contains a credential exfiltration vulnerability in the POST /rest/dynamic-node-parameters/options endpoint that allows authenticated users to bypass Allowed HTTP Request Domains restrictions. Attackers with credential access can cause the n8n server to issue HTTP requests with credentials to unauthorized hosts, exfiltrating sensitive authentication data.

Action-Not Available
Vendor-n8nn8n
Product-n8nn8n
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2026-55115
Matching Score-4
Assigner-HackerOne
ShareView Details
Matching Score-4
Assigner-HackerOne
CVSS Score-9.9||CRITICAL
EPSS-0.23% / 13.98%
||
7 Day CHG~0.00%
Published-02 Jul, 2026 | 14:50
Updated-02 Jul, 2026 | 16:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A malicious actor with access to the network and low privileges could exploit a Server-Side Request Forgery (SSRF) in UniFi Protect Application to escalate privileges on the host device.

Action-Not Available
Vendor-Ubiquiti Inc.
Product-UniFi Protect Application
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2022-31776
Matching Score-4
Assigner-IBM Corporation
ShareView Details
Matching Score-4
Assigner-IBM Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.44% / 35.59%
||
7 Day CHG~0.00%
Published-31 Jul, 2022 | 16:07
Updated-17 Sep, 2024 | 04:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM DataPower Gateway 10.0.2.0 through 10.0.4.0, 10.0.1.0 through 10.0.1.8, 10.5.0.0, and 2018.4.1.0 through 2018.4.1.21 is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks. IBM X-Force ID: 228433.

Action-Not Available
Vendor-IBM Corporation
Product-datapower_gatewayDataPower Gateway
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2024-3152
Matching Score-4
Assigner-Protect AI (formerly huntr.dev)
ShareView Details
Matching Score-4
Assigner-Protect AI (formerly huntr.dev)
CVSS Score-8.8||HIGH
EPSS-0.57% / 42.94%
||
7 Day CHG~0.00%
Published-06 Jun, 2024 | 17:19
Updated-15 Oct, 2025 | 13:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Privilege Escalation and Local File Inclusion in mintplex-labs/anything-llm

mintplex-labs/anything-llm is vulnerable to multiple security issues due to improper input validation in several endpoints. An attacker can exploit these vulnerabilities to escalate privileges from a default user role to an admin role, read and delete arbitrary files on the system, and perform Server-Side Request Forgery (SSRF) attacks. The vulnerabilities are present in the `/request-token`, `/workspace/:slug/thread/:threadSlug/update`, `/system/remove-logo`, `/system/logo`, and collector's `/process` endpoints. These issues are due to the application's failure to properly validate user input before passing it to `prisma` functions and other critical operations. Affected versions include the latest version prior to 1.0.0.

Action-Not Available
Vendor-mintplexlabsmintplex-labsmintplexlabs
Product-anythingllmmintplex-labs/anything-llmanythingllm
CWE ID-CWE-755
Improper Handling of Exceptional Conditions
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2014-8943
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-0.96% / 57.13%
||
7 Day CHG~0.00%
Published-01 Jun, 2020 | 16:28
Updated-06 Aug, 2024 | 13:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Lexiglot through 2014-11-20 allows SSRF via the admin.php?page=projects svn_url parameter.

Action-Not Available
Vendor-n/aPiwigo
Product-lexiglotn/a
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2026-45504
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-8.8||HIGH
EPSS-0.46% / 37.02%
||
7 Day CHG~0.00%
Published-09 Jun, 2026 | 17:04
Updated-01 Jul, 2026 | 20:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Microsoft Exchange Server Elevation of Privilege Vulnerability

Server-side request forgery (ssrf) in Microsoft Exchange Server allows an authorized attacker to elevate privileges over a network.

Action-Not Available
Vendor-Microsoft Corporation
Product-exchange_serverexchange_server_subscription_editionMicrosoft Exchange Server 2016 Cumulative Update 23Microsoft Exchange Server 2019 Cumulative Update 14Microsoft Exchange Server 2019 Cumulative Update 15Microsoft Exchange Server Subscription Edition RTM
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2026-44015
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-8.5||HIGH
EPSS-0.32% / 23.60%
||
7 Day CHG~0.00%
Published-12 May, 2026 | 20:49
Updated-14 May, 2026 | 22:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Nginx UI: Server-Side Request Forgery (SSRF) via Cluster Proxy Middleware Allows Access to Internal Services

Nginx UI is a web user interface for the Nginx web server. In 2.3.4 and earlier, an authenticated user can perform Server-Side Request Forgery (SSRF) by creating a cluster node pointing to an arbitrary internal URL and then sending API requests with the X-Node-ID header. The Proxy middleware forwards these requests to the attacker-specified internal address, bypassing network segmentation and enabling access to services bound to localhost or internal networks.

Action-Not Available
Vendor-Nginx UI (0xJacky)
Product-nginx_uinginx-ui
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2022-41609
Matching Score-4
Assigner-Patchstack
ShareView Details
Matching Score-4
Assigner-Patchstack
CVSS Score-6.4||MEDIUM
EPSS-0.53% / 41.17%
||
7 Day CHG~0.00%
Published-18 Nov, 2022 | 23:18
Updated-28 Apr, 2026 | 16:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WordPress Better Messages plugin <= 1.9.10.68 - Server-Side Request Forgery (SSRF) vulnerability

Auth. (subscriber+) Server-Side Request Forgery (SSRF) vulnerability in Better Messages plugin 1.9.10.68 on WordPress.

Action-Not Available
Vendor-wordplusWordPlus
Product-better_messagesBetter Messages (WordPress plugin)
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2022-27426
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-0.80% / 52.12%
||
7 Day CHG+0.02%
Published-15 Apr, 2022 | 19:21
Updated-03 Aug, 2024 | 05:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A Server-Side Request Forgery (SSRF) in Chamilo LMS v1.11.13 allows attackers to enumerate the internal network and execute arbitrary system commands via a crafted Phar file.

Action-Not Available
Vendor-chamilon/a
Product-chamilo_lmsn/a
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2025-2997
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-5.3||MEDIUM
EPSS-0.48% / 38.22%
||
7 Day CHG+0.03%
Published-31 Mar, 2025 | 13:31
Updated-10 Oct, 2025 | 17:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
zhangyanbo2007 youkefu url server-side request forgery

A vulnerability was found in zhangyanbo2007 youkefu 4.2.0. It has been classified as critical. Affected is an unknown function of the file /res/url. The manipulation of the argument url leads to server-side request forgery. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-zhangyanbo2007zhangyanbo2007
Product-youkefuyoukefu
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2025-29972
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-9.9||CRITICAL
EPSS-2.62% / 83.60%
||
7 Day CHG~0.00%
Published-08 May, 2025 | 22:17
Updated-26 Feb, 2026 | 18:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Azure Storage Resource Provider Spoofing Vulnerability

Server-side request forgery (ssrf) in Azure Storage Resource Provider allows an authorized attacker to perform spoofing over a network.

Action-Not Available
Vendor-Microsoft Corporation
Product-azure_storage_resource_providerAzure Storage Resource Provider (SRP)
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2022-23644
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-8.8||HIGH
EPSS-0.89% / 54.99%
||
7 Day CHG~0.00%
Published-16 Feb, 2022 | 18:20
Updated-23 Apr, 2025 | 19:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Server-side request forgery in BookWyrm

BookWyrm is a decentralized social network for tracking reading habits and reviewing books. The functionality to load a cover via url is vulnerable to a server-side request forgery attack. Any BookWyrm instance running a version prior to v0.3.0 is susceptible to attack from a logged-in user. The problem has been patched and administrators should upgrade to version 0.3.0 As a workaround, BookWyrm instances can close registration and limit members to trusted individuals.

Action-Not Available
Vendor-joinbookwyrmbookwyrm-social
Product-bookwyrmbookwyrm
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2022-45926
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-16.97% / 96.69%
||
7 Day CHG~0.00%
Published-18 Jan, 2023 | 00:00
Updated-04 Apr, 2025 | 18:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in OpenText Content Suite Platform 22.1 (16.2.19.1803). The endpoint notify.localizeEmailTemplate allows a low-privilege user to evaluate webreports.

Action-Not Available
Vendor-n/aOpen Text Corporation
Product-opentext_extended_ecmn/a
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2025-21384
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-8.3||HIGH
EPSS-0.65% / 46.47%
||
7 Day CHG+0.05%
Published-01 Apr, 2025 | 00:40
Updated-26 Feb, 2026 | 19:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Azure Health Bot Elevation of Privilege Vulnerability

An authenticated attacker can exploit an Server-Side Request Forgery (SSRF) vulnerability in Microsoft Azure Health Bot to elevate privileges over a network.

Action-Not Available
Vendor-Microsoft Corporation
Product-azure_health_botAzure Health Bot
CWE ID-CWE-693
Protection Mechanism Failure
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2023-7037
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.3||MEDIUM
EPSS-0.71% / 48.96%
||
7 Day CHG~0.00%
Published-21 Dec, 2023 | 17:00
Updated-02 Aug, 2024 | 08:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
automad FileController.php import server-side request forgery

A vulnerability was found in automad up to 1.10.9. It has been declared as critical. This vulnerability affects the function import of the file FileController.php. The manipulation of the argument importUrl leads to server-side request forgery. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-248686 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

Action-Not Available
Vendor-automadn/a
Product-automadautomad
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2025-21385
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-8.8||HIGH
EPSS-24.44% / 97.61%
||
7 Day CHG~0.00%
Published-09 Jan, 2025 | 22:07
Updated-09 Jun, 2026 | 18:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Microsoft Purview Information Disclosure Vulnerability

A Server-Side Request Forgery (SSRF) vulnerability in Microsoft Purview allows an authorized attacker to disclose information over a network.

Action-Not Available
Vendor-Microsoft Corporation
Product-purviewMicrosoft Purview
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2022-20958
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-8.3||HIGH
EPSS-0.95% / 56.93%
||
7 Day CHG~0.00%
Published-03 Nov, 2022 | 19:26
Updated-03 Aug, 2024 | 02:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the web-based management interface of Cisco BroadWorks CommPilot application could allow an unauthenticated, remote attacker to perform a server-side request forgery (SSRF) attack on an affected device. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web interface. A successful exploit could allow the attacker to obtain confidential information from the BroadWorks server and other device on the network. {{value}} ["%7b%7bvalue%7d%7d"])}]]

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-broadworks_commpilot_applicationCisco BroadWorks
CWE ID-CWE-36
Absolute Path Traversal
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2024-0308
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.3||MEDIUM
EPSS-0.48% / 38.12%
||
7 Day CHG~0.00%
Published-08 Jan, 2024 | 10:00
Updated-03 Jun, 2025 | 14:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Inis Proxy.php server-side request forgery

A vulnerability was found in Inis up to 2.0.1. It has been rated as critical. This issue affects some unknown processing of the file app/api/controller/default/Proxy.php. The manipulation of the argument p_url leads to server-side request forgery. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-249875.

Action-Not Available
Vendor-inis_projectn/a
Product-inisInis
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2025-21177
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-8.7||HIGH
EPSS-1.16% / 63.15%
||
7 Day CHG~0.00%
Published-06 Feb, 2025 | 22:41
Updated-13 Feb, 2026 | 19:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Microsoft Dynamics 365 Sales Elevation of Privilege Vulnerability

Server-side request forgery (ssrf) in Microsoft Dynamics 365 Sales allows an authorized attacker to elevate privileges over a network.

Action-Not Available
Vendor-Microsoft Corporation
Product-dynamics_365_salesDynamics 365 Sales
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2025-1848
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-5.3||MEDIUM
EPSS-0.47% / 37.30%
||
7 Day CHG~0.00%
Published-03 Mar, 2025 | 03:31
Updated-26 May, 2025 | 02:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
zj1983 zz import_data_check server-side request forgery

A vulnerability classified as critical has been found in zj1983 zz up to 2024-8. Affected is an unknown function of the file /import_data_check. The manipulation of the argument url leads to server-side request forgery. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Action-Not Available
Vendor-zframeworkszj1983
Product-zzzz
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2025-14516
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-5.3||MEDIUM
EPSS-0.39% / 30.79%
||
7 Day CHG~0.00%
Published-11 Dec, 2025 | 14:02
Updated-05 Mar, 2026 | 19:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Yalantis uCrop URL com.yalantis.ucrop.task.BitmapLoadTask.java downloadFile server-side request forgery

A vulnerability was found in Yalantis uCrop 2.2.11. Affected by this issue is the function downloadFile of the file com.yalantis.ucrop.task.BitmapLoadTask.java of the component URL Handler. Performing manipulation results in server-side request forgery. The attack may be initiated remotely. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way.

Action-Not Available
Vendor-yalantisYalantis
Product-ucropuCrop
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2020-28735
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-1.07% / 60.65%
||
7 Day CHG~0.00%
Published-30 Dec, 2020 | 18:38
Updated-04 Aug, 2024 | 16:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Plone before 5.2.3 allows SSRF attacks via the tracebacks feature (only available to the Manager role).

Action-Not Available
Vendor-n/aPlone Foundation
Product-plonen/a
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2022-1239
Matching Score-4
Assigner-WPScan
ShareView Details
Matching Score-4
Assigner-WPScan
CVSS Score-8.8||HIGH
EPSS-1.41% / 69.45%
||
7 Day CHG~0.00%
Published-02 May, 2022 | 16:05
Updated-02 Aug, 2024 | 23:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
HubSpot < 8.8.15 - Contributor+ Blind SSRF

The HubSpot WordPress plugin before 8.8.15 does not validate the proxy URL given to the proxy REST endpoint, which could allow users with the edit_posts capability (by default contributor and above) to perform SSRF attacks

Action-Not Available
Vendor-hubspotUnknown
Product-hubspotHubSpot – CRM, Email Marketing, Live Chat, Forms & Analytics
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2023-39108
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-2.96% / 85.56%
||
7 Day CHG~0.00%
Published-01 Aug, 2023 | 00:00
Updated-17 Oct, 2024 | 19:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

rconfig v3.9.4 was discovered to contain a Server-Side Request Forgery (SSRF) via the path_b parameter in the doDiff Function of /classes/compareClass.php. This vulnerability allows authenticated attackers to make arbitrary requests via injection of crafted URLs.

Action-Not Available
Vendor-rconfign/a
Product-rconfign/a
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2020-13970
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-1.29% / 66.68%
||
7 Day CHG~0.00%
Published-28 Jul, 2020 | 20:24
Updated-04 Aug, 2024 | 12:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Shopware before 6.2.3 is vulnerable to a Server-Side Request Forgery (SSRF) in its "Mediabrowser upload by URL" feature. This allows an authenticated user to send HTTP, HTTPS, FTP, and SFTP requests on behalf of the Shopware platform server.

Action-Not Available
Vendor-shopwaren/a
Product-shopwaren/a
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2025-10391
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-5.3||MEDIUM
EPSS-0.30% / 21.40%
||
7 Day CHG~0.00%
Published-14 Sep, 2025 | 05:02
Updated-14 Oct, 2025 | 19:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
CRMEB OutAccountServices.php testOutUrl server-side request forgery

A security vulnerability has been detected in CRMEB up to 5.6.1. The impacted element is the function testOutUrl of the file app/services/out/OutAccountServices.php. The manipulation of the argument push_token_url leads to server-side request forgery. Remote exploitation of the attack is possible. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Action-Not Available
Vendor-crmebn/a
Product-crmebCRMEB
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2025-10764
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-5.3||MEDIUM
EPSS-0.41% / 32.98%
||
7 Day CHG~0.00%
Published-21 Sep, 2025 | 05:32
Updated-14 Oct, 2025 | 19:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
SeriaWei ZKEACMS Event Action System PendingTaskController.cs Edit server-side request forgery

A vulnerability was identified in SeriaWei ZKEACMS up to 4.3. This affects the function Edit of the file src/ZKEACMS.EventAction/Controllers/PendingTaskController.cs of the component Event Action System. Such manipulation of the argument Data leads to server-side request forgery. The attack may be performed from remote. The exploit is publicly available and might be used. The vendor was contacted early about this disclosure but did not respond in any way.

Action-Not Available
Vendor-zkeaSeriaWei
Product-zkeacmsZKEACMS
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2020-13295
Matching Score-4
Assigner-GitLab Inc.
ShareView Details
Matching Score-4
Assigner-GitLab Inc.
CVSS Score-5.4||MEDIUM
EPSS-1.16% / 63.23%
||
7 Day CHG~0.00%
Published-10 Aug, 2020 | 13:32
Updated-04 Aug, 2024 | 12:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

For GitLab Runner before 13.0.12, 13.1.6, 13.2.3, by replacing dockerd with a malicious server, the Shared Runner is susceptible to SSRF.

Action-Not Available
Vendor-GitLab Inc.
Product-runnerGitLab Runner
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2020-13309
Matching Score-4
Assigner-GitLab Inc.
ShareView Details
Matching Score-4
Assigner-GitLab Inc.
CVSS Score-5.4||MEDIUM
EPSS-1.26% / 66.16%
||
7 Day CHG~0.00%
Published-14 Sep, 2020 | 21:36
Updated-04 Aug, 2024 | 12:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. GitLab was vulnerable to a blind SSRF attack through the repository mirroring feature.

Action-Not Available
Vendor-GitLab Inc.
Product-gitlabGitLab
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
  • Previous
  • 1
  • 2
  • 3
  • Next
Details not found