Server-Side Request Forgery (SSRF)

The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination.

CVEs (2,679)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2024-2827 1Lakernote 1Easyadmin Aug 21, 2025 Mar 22, 2024 N/A· v4 8.8 HIGH· v3 6.5 MEDIUM· v2 A vulnerability, which was classified as critical, has been found in lakernote EasyAdmin up to 20240315. This issue affects some unknown processing of the file /ureport/designer/saveReportFile. The manipulation leads to...Show more A vulnerability, which was classified as critical, has been found in lakernote EasyAdmin up to 20240315. This issue affects some unknown processing of the file /ureport/designer/saveReportFile. The manipulation leads to server-side request forgery. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-257717 was assigned to this vulnerability.Show less
CVE-2024-27927 1Rsshub 1Rsshub Dec 4, 2025 Mar 21, 2024 N/A· v4 6.5 MEDIUM· v3 N/A· v2 RSSHub is an open source RSS feed generator. Prior to version 1.0.0-master.a429472, RSSHub allows remote attackers to use the server as a proxy to send HTTP GET requests to arbitrary targets and retrieve information in t...Show more RSSHub is an open source RSS feed generator. Prior to version 1.0.0-master.a429472, RSSHub allows remote attackers to use the server as a proxy to send HTTP GET requests to arbitrary targets and retrieve information in the internal network or conduct Denial-of-Service (DoS) attacks. The attacker can send malicious requests to a RSSHub server, to make the server send HTTP GET requests to arbitrary destinations and see partial responses. This may lead to leak the server IP address, which could be hidden behind a CDN; retrieving information in the internal network, e.g. which addresses/ports are accessible, the titles and meta descriptions of HTML pages; and denial of service amplification. The attacker could request the server to download some large files, or chain several SSRF requests in a single attacker request.Show less
CVE-2024-24028 1Likeshop 1Likeshop Jun 17, 2025 Mar 21, 2024 N/A· v4 5.9 MEDIUM· v3 N/A· v2 Server Side Request Forgery (SSRF) vulnerability in Likeshop before 2.5.7 allows attackers to view sensitive information via the avatar parameter in function UserLogic::updateWechatInfo.
CVE-2024-25294 1Getrebuild 1Rebuild Jun 17, 2025 Mar 20, 2024 N/A· v4 9.1 CRITICAL· v3 N/A· v2 An SSRF issue in REBUILD v.3.5 allows a remote attacker to obtain sensitive information and execute arbitrary code via the FileDownloader.java, proxyDownload,URL parameters.
CVE-2024-27098 1Glpi Project 1Glpi Jan 2, 2025 Mar 18, 2024 N/A· v4 9.6 CRITICAL· v3 N/A· v2 GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Service Desk, licenses tracking and software auditing. An authenticated user can execute a SSRF based attack using Arbitrary Object In...Show more GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Service Desk, licenses tracking and software auditing. An authenticated user can execute a SSRF based attack using Arbitrary Object Instantiation. This issue has been patched in version 10.0.13.Show less
CVE-2024-28752 2Apache Netapp 3Cxf Oncommand Workflow AutomationOntap Tools Jun 27, 2025 Mar 15, 2024 N/A· v4 9.3 CRITICAL· v3 N/A· v2 A SSRF vulnerability using the Aegis DataBinding in versions of Apache CXF before 4.0.4, 3.6.3 and 3.5.8 allows an attacker to perform SSRF style attacks on webservices that take at least one parameter of any type. Users...Show more A SSRF vulnerability using the Aegis DataBinding in versions of Apache CXF before 4.0.4, 3.6.3 and 3.5.8 allows an attacker to perform SSRF style attacks on webservices that take at least one parameter of any type. Users of other data bindings (including the default databinding) are not impacted.Show less
CVE-2024-1884 1Papercut 2Papercut Mf Papercut Ng Jan 23, 2025 Mar 14, 2024 N/A· v4 6.5 MEDIUM· v3 N/A· v2 This is a Server-Side Request Forgery (SSRF) vulnerability in the PaperCut NG/MF server-side module that allows an attacker to induce the server-side application to make HTTP requests to an arbitrary domain of the attac...Show more This is a Server-Side Request Forgery (SSRF) vulnerability in the PaperCut NG/MF server-side module that allows an attacker to induce the server-side application to make HTTP requests to an arbitrary domain of the attacker's choosing.Show less
CVE-2024-28668 1Dedecms 1Dedecms Apr 1, 2025 Mar 13, 2024 N/A· v4 6.1 MEDIUM· v3 N/A· v2 DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via the component /dede/mychannel_add.php
CVE-2024-2049 1Citrix 12Sd Wan 1000 Firmware Sd Wan 1100 FirmwareSd Wan 110 Firmware+9 more Jul 25, 2025 Mar 12, 2024 N/A· v4 5.3 MEDIUM· v3 N/A· v2 Server-Side Request Forgery (SSRF) in Citrix SD-WAN Standard/Premium Editions on or after 11.4.0 and before 11.4.4.46 allows an attacker to disclose limited information from the appliance via Access to management IP.
CVE-2023-49785 1Nextchat 1Nextchat Apr 10, 2025 Mar 12, 2024 N/A· v4 9.8 CRITICAL· v3 N/A· v2 NextChat, also known as ChatGPT-Next-Web, is a cross-platform chat user interface for use with ChatGPT. Versions 2.11.2 and prior are vulnerable to server-side request forgery and cross-site scripting. This vulnerability...Show more NextChat, also known as ChatGPT-Next-Web, is a cross-platform chat user interface for use with ChatGPT. Versions 2.11.2 and prior are vulnerable to server-side request forgery and cross-site scripting. This vulnerability enables read access to internal HTTP endpoints but also write access using HTTP POST, PUT, and other methods. Attackers can also use this vulnerability to mask their source IP by forwarding malicious traffic intended for other Internet targets through these open proxies. As of time of publication, no patch is available, but other mitigation strategies are available. Users may avoid exposing the application to the public internet or, if exposing the application to the internet, ensure it is an isolated network with no access to any other internal resources. Show less
CVE-2024-27707 - - Nov 21, 2024 Mar 7, 2024 N/A· v4 4.3 MEDIUM· v3 N/A· v2 Server Side Request Forgery (SSRF) vulnerability in hcengineering Huly Platform v.0.6.202 allows attackers to run arbitrary code via upload of crafted SVG file.
CVE-2024-27565 1Dirk1983 1Chatgpt Wechat Personal Jan 21, 2025 Mar 5, 2024 N/A· v4 9.8 CRITICAL· v3 N/A· v2 A Server-Side Request Forgery (SSRF) in weixin.php of ChatGPT-wechat-personal commit a0857f6 allows attackers to force the application to make arbitrary requests.
CVE-2024-27564 1Dirk1983 1Chatgpt Mar 20, 2025 Mar 5, 2024 N/A· v4 6.5 MEDIUM· v3 N/A· v2 pictureproxy.php in the dirk1983 mm1.ltd source code f9f4bbc allows SSRF via the url parameter. NOTE: the references section has an archived copy of pictureproxy.php from its original GitHub location, but the repository...Show more pictureproxy.php in the dirk1983 mm1.ltd source code f9f4bbc allows SSRF via the url parameter. NOTE: the references section has an archived copy of pictureproxy.php from its original GitHub location, but the repository name might later change because it is misleading.Show less
CVE-2024-27563 1Wondercms 1Wondercms Jan 21, 2025 Mar 5, 2024 N/A· v4 5.3 MEDIUM· v3 N/A· v2 A Server-Side Request Forgery (SSRF) in the getFileFromRepo function of WonderCMS v3.1.3 allows attackers to force the application to make arbitrary requests via injection of crafted URLs into the pluginThemeUrl paramete...Show more A Server-Side Request Forgery (SSRF) in the getFileFromRepo function of WonderCMS v3.1.3 allows attackers to force the application to make arbitrary requests via injection of crafted URLs into the pluginThemeUrl parameter.Show less
CVE-2024-27561 1Wondercms 1Wondercms Jan 21, 2025 Mar 5, 2024 N/A· v4 8.1 HIGH· v3 N/A· v2 A Server-Side Request Forgery (SSRF) in the installUpdateThemePluginAction function of WonderCMS v3.1.3 allows attackers to force the application to make arbitrary requests via injection of crafted URLs into the installT...Show more A Server-Side Request Forgery (SSRF) in the installUpdateThemePluginAction function of WonderCMS v3.1.3 allows attackers to force the application to make arbitrary requests via injection of crafted URLs into the installThemePlugin parameter.Show less
CVE-2022-43880 1Ibm 1Qradar Wincollect Apr 24, 2025 Mar 3, 2024 N/A· v4 4.4 MEDIUM· v3 N/A· v2 IBM QRadar WinCollect Agent 10.0 through 10.1.2 could allow a privileged user to cause a denial of service. IBM X-Force ID: 240151.
CVE-2024-2057 1Langchain 1Langchain Mar 4, 2025 Mar 1, 2024 N/A· v4 9.8 CRITICAL· v3 6.5 MEDIUM· v2 A vulnerability was found in LangChain langchain_community 0.0.26. It has been classified as critical. Affected is the function load_local in the library libs/community/langchain_community/retrievers/tfidf.py of the comp...Show more A vulnerability was found in LangChain langchain_community 0.0.26. It has been classified as critical. Affected is the function load_local in the library libs/community/langchain_community/retrievers/tfidf.py of the component TFIDFRetriever. The manipulation leads to server-side request forgery. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 0.0.27 is able to address this issue. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-255372.Show less
CVE-2024-27949 1Sirv 1Sirv Apr 23, 2026 Mar 1, 2024 N/A· v4 5.4 MEDIUM· v3 N/A· v2 Server-Side Request Forgery (SSRF) vulnerability in Sirv CDN and Image Hosting Sirv sirv.This issue affects Sirv: from n/a through <= 7.2.0.
CVE-2024-0403 1Tandoor 1Recipes May 19, 2025 Mar 1, 2024 N/A· v4 6.5 MEDIUM· v3 N/A· v2 Recipes version 1.5.10 allows arbitrary HTTP requests to be made through the server. This is possible because the application is vulnerable to SSRF.
CVE-2024-1978 1Alex.kirk 1Friends Apr 8, 2026 Feb 29, 2024 N/A· v4 5.5 MEDIUM· v3 N/A· v2 The Friends plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 2.8.5 via the discover_available_feeds function. This makes it possible for authenticated attackers, wit...Show more The Friends plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 2.8.5 via the discover_available_feeds function. This makes it possible for authenticated attackers, with administrator-level access and above, to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services.Show less

Previous 1...818283...134 Next