Server-Side Request Forgery (SSRF)

The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination.

CVEs (2,681)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2024-5526 1Grafana 1Oncall Nov 21, 2024 Jun 5, 2024 N/A· v4 9.1 CRITICAL· v3 N/A· v2 Grafana OnCall is an easy-to-use on-call management tool that will help reduce toil in on-call management through simpler workflows and interfaces that are tailored specifically for engineers. Grafana OnCall, from versi...Show more Grafana OnCall is an easy-to-use on-call management tool that will help reduce toil in on-call management through simpler workflows and interfaces that are tailored specifically for engineers. Grafana OnCall, from version 1.1.37 before 1.5.2 are vulnerable to a Server Side Request Forgery (SSRF) vulnerability in the webhook functionallity. This issue was fixed in version 1.5.2Show less
CVE-2024-4084 1Mintplexlabs 1Anythingllm Nov 21, 2024 Jun 5, 2024 N/A· v4 7.5 HIGH· v3 N/A· v2 A Server-Side Request Forgery (SSRF) vulnerability exists in the latest version of mintplex-labs/anything-llm, allowing attackers to bypass the official fix intended to restrict access to intranet IP addresses and protoc...Show more A Server-Side Request Forgery (SSRF) vulnerability exists in the latest version of mintplex-labs/anything-llm, allowing attackers to bypass the official fix intended to restrict access to intranet IP addresses and protocols. Despite efforts to filter out intranet IP addresses starting with 192, 172, 10, and 127 through regular expressions and limit access protocols to HTTP and HTTPS, attackers can still bypass these restrictions using alternative representations of IP addresses and accessing other ports running on localhost. This vulnerability enables attackers to access any asset on the internal network, attack web services on the internal network, scan hosts on the internal network, and potentially access AWS metadata endpoints. The vulnerability is due to insufficient validation of user-supplied URLs, which can be exploited to perform SSRF attacks.Show less
CVE-2024-36675 1Lylme 1Lylme Spage Nov 21, 2024 Jun 4, 2024 N/A· v4 9.1 CRITICAL· v3 N/A· v2 LyLme_spage v1.9.5 is vulnerable to Server-Side Request Forgery (SSRF) via the get_head function.
CVE-2024-4219 1Beyondtrust 1Beyondinsight Nov 21, 2024 Jun 4, 2024 N/A· v4 9.1 CRITICAL· v3 N/A· v2 Prior to 23.2, it is possible to perform arbitrary Server-Side requests via HTTP-based connectors within BeyondInsight, resulting in a server-side request forgery vulnerability.
CVE-2024-35635 1Wpmanageninja 1Ninja Tables Apr 3, 2025 Jun 3, 2024 N/A· v4 4.9 MEDIUM· v3 N/A· v2 Server-Side Request Forgery (SSRF) vulnerability in WPManageNinja LLC Ninja Tables.This issue affects Ninja Tables: from n/a through 5.0.9.
CVE-2024-35633 1Creativethemes 1Blocksy Companion Apr 23, 2026 Jun 3, 2024 N/A· v4 4.9 MEDIUM· v3 N/A· v2 Server-Side Request Forgery (SSRF) vulnerability in Creative Themes Blocksy Companion blocksy-companion.This issue affects Blocksy Companion: from n/a through <= 2.0.42.
CVE-2024-35637 1Church Admin Project 1Church Admin Apr 23, 2026 Jun 3, 2024 N/A· v4 4.4 MEDIUM· v3 N/A· v2 Server-Side Request Forgery (SSRF) vulnerability in andy_moyle Church Admin church-admin.This issue affects Church Admin: from n/a through <= 4.3.6.
CVE-2023-7073 - - Apr 8, 2026 May 31, 2024 N/A· v4 6.4 MEDIUM· v3 N/A· v2 The Auto Featured Image (Auto Post Thumbnail) plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 4.1.7 via the upload_to_library AJAX action. This makes it possible fo...Show more The Auto Featured Image (Auto Post Thumbnail) plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 4.1.7 via the upload_to_library AJAX action. This makes it possible for authenticated attackers, with author-level access and above, to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services.Show less
CVE-2024-4469 1Wp Staging 1Wp Staging May 21, 2025 May 31, 2024 N/A· v4 7.5 HIGH· v3 N/A· v2 The WP STAGING WordPress Backup Plugin WordPress plugin before 3.5.0 does not prevent users with the administrator role from pinging conducting SSRF attacks, which may be a problem in multisite configurations.
CVE-2024-36427 - - Nov 21, 2024 May 29, 2024 N/A· v4 8.1 HIGH· v3 N/A· v2 The file-serving function in TARGIT Decision Suite before 24.06.19002 (TARGIT Decision Suite 2024 – June) allows authenticated attackers to read or write to server files via a crafted file request. This can allow code ex...Show more The file-serving function in TARGIT Decision Suite before 24.06.19002 (TARGIT Decision Suite 2024 – June) allows authenticated attackers to read or write to server files via a crafted file request. This can allow code execution via a .xview file.Show less
CVE-2024-29415 - - Jan 17, 2025 May 27, 2024 N/A· v4 8.1 HIGH· v3 N/A· v2 The ip package through 2.0.1 for Node.js might allow SSRF because some IP addresses (such as 127.1, 01200034567, 012.1.2.3, 000:0:0000::01, and ::fFFf:127.0.0.1) are improperly categorized as globally routable via isPubl...Show more The ip package through 2.0.1 for Node.js might allow SSRF because some IP addresses (such as 127.1, 01200034567, 012.1.2.3, 000:0:0000::01, and ::fFFf:127.0.0.1) are improperly categorized as globally routable via isPublic. NOTE: this issue exists because of an incomplete fix for CVE-2023-42282.Show less
CVE-2024-4399 1Apereo 1Central Authentication Service Jun 30, 2025 May 23, 2024 N/A· v4 9.1 CRITICAL· v3 N/A· v2 The does not validate a parameter before making a request to it, which could allow unauthenticated users to perform SSRF attack
CVE-2024-1855 1Themewinter 1Wpcafe Apr 8, 2026 May 23, 2024 N/A· v4 5.3 MEDIUM· v3 N/A· v2 The WPCafe – Restaurant Menu, Online Ordering for WooCommerce, Pickup / Delivery and Table Reservation plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 2.2.23 via th...Show more The WPCafe – Restaurant Menu, Online Ordering for WooCommerce, Pickup / Delivery and Table Reservation plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 2.2.23 via the wpc_check_for_submission function. This makes it possible for unauthenticated attackers to make web requests to arbitrary locations originating from the web application.Show less
CVE-2024-25738 - - Nov 21, 2024 May 22, 2024 N/A· v4 9.1 CRITICAL· v3 N/A· v2 A Server-Side Request Forgery (SSRF) vulnerability in the /Upgrade/FixConfig route in Open Library Foundation VuFind 2.0 through 9.1 before 9.1.1 allows a remote attacker to overwrite local configuration files to gain ac...Show more A Server-Side Request Forgery (SSRF) vulnerability in the /Upgrade/FixConfig route in Open Library Foundation VuFind 2.0 through 9.1 before 9.1.1 allows a remote attacker to overwrite local configuration files to gain access to the administrator panel and achieve Remote Code Execution. A mitigating factor is that it requires the allow_url_include PHP runtime setting to be on, which is off in default installations. It also requires the /Upgrade route to be exposed, which is exposed by default after installing VuFind, and is recommended to be disabled by setting autoConfigure to false in config.ini.Show less
CVE-2024-5031 1Caseproof 1Memberpress Apr 8, 2026 May 22, 2024 N/A· v4 6.4 MEDIUM· v3 N/A· v2 The Memberpress plugin for WordPress is vulnerable to Blind Server-Side Request Forgery in all versions up to, and including, 1.11.29 via the 'mepr-user-file' shortcode. This makes it possible for authenticated attackers...Show more The Memberpress plugin for WordPress is vulnerable to Blind Server-Side Request Forgery in all versions up to, and including, 1.11.29 via the 'mepr-user-file' shortcode. This makes it possible for authenticated attackers, with Contributor-level access and above, to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services.Show less
CVE-2024-30420 1Appleple 1A Blog Cms May 12, 2025 May 22, 2024 N/A· v4 4.4 MEDIUM· v3 N/A· v2 Server-side request forgery (SSRF) vulnerability exists in a-blog cms Ver.3.1.x series versions prior to Ver.3.1.12 and Ver.3.0.x series versions prior to Ver.3.0.32. If this vulnerability is exploited, a user with an ad...Show more Server-side request forgery (SSRF) vulnerability exists in a-blog cms Ver.3.1.x series versions prior to Ver.3.1.12 and Ver.3.0.x series versions prior to Ver.3.0.32. If this vulnerability is exploited, a user with an administrator or higher privilege who can log in to the product may obtain arbitrary files on the server and information on the internal server that is not disclosed to the public.Show less
CVE-2024-4789 - - Apr 8, 2026 May 17, 2024 N/A· v4 6.4 MEDIUM· v3 N/A· v2 Cost Calculator Builder Pro plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to 3.1.72, via the send_demo_webhook() function. This makes it possible for authenticated attackers, with s...Show more Cost Calculator Builder Pro plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to 3.1.72, via the send_demo_webhook() function. This makes it possible for authenticated attackers, with subscriber-level access and above, to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services.Show less
CVE-2023-46784 - - Nov 21, 2024 May 17, 2024 N/A· v4 8.2 HIGH· v3 N/A· v2 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal'), Server-Side Request Forgery (SSRF) vulnerability in Room 34 Creative Services, LLC ICS Calendar ics-calendar allows Absolute Path Traversal,...Show more Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal'), Server-Side Request Forgery (SSRF) vulnerability in Room 34 Creative Services, LLC ICS Calendar ics-calendar allows Absolute Path Traversal, : Server Side Request Forgery.This issue affects ICS Calendar: from n/a through 10.12.0.3.Show less
CVE-2024-3970 1Microfocus 1Imanager Jan 21, 2025 May 15, 2024 N/A· v4 7.5 HIGH· v3 N/A· v2 Server Side Request Forgery vulnerability has been discovered in OpenText™ iManager 3.2.6.0200. This could lead to senstive information disclosure by directory traversal.
CVE-2024-3485 1Microfocus 1Imanager Jan 21, 2025 May 15, 2024 N/A· v4 7.5 HIGH· v3 N/A· v2 Server Side Request Forgery vulnerability has been discovered in OpenText™ iManager 3.2.6.0200. This could lead to senstive information disclosure.

Previous 1...767778...135 Next