Server-Side Request Forgery (SSRF)

The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination.

CVEs (2,642)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2018-15657 142gears 1Suremdm Nov 21, 2024 Feb 5, 2019 N/A· v4 7.3 HIGH· v3 1.9 LOW· v2 An SSRF issue was discovered in 42Gears SureMDM before 2018-11-27 via the /api/DownloadUrlResponse.ashx "url" parameter.
CVE-2018-15517 1Dlink 1Central Wifimanager Nov 21, 2024 Jan 31, 2019 N/A· v4 8.6 HIGH· v3 5.0 MEDIUM· v2 The MailConnect feature on D-Link Central WiFiManager CWM-100 1.03 r0098 devices is intended to check a connection to an SMTP server but actually allows outbound TCP to any port on any IP address, leading to SSRF, as dem...Show more The MailConnect feature on D-Link Central WiFiManager CWM-100 1.03 r0098 devices is intended to check a connection to an SMTP server but actually allows outbound TCP to any port on any IP address, leading to SSRF, as demonstrated by an index.php/System/MailConnect/host/127.0.0.1/port/22/secure/ URI.Show less
CVE-2018-15516 1Dlink 1Central Wifimanager Nov 21, 2024 Jan 31, 2019 N/A· v4 5.8 MEDIUM· v3 3.5 LOW· v2 The FTP service on D-Link Central WiFiManager CWM-100 1.03 r0098 devices allows remote attackers to conduct a PORT command bounce scan via port 8000, resulting in SSRF.
CVE-2018-12609 1Open Xchange 1Open Xchange Appsuite Nov 21, 2024 Jan 30, 2019 N/A· v4 6.5 MEDIUM· v3 4.0 MEDIUM· v2 OX App Suite 7.8.4 and earlier allows Server-Side Request Forgery.
CVE-2019-6257 1Std42 1Elfinder Nov 21, 2024 Jan 14, 2019 N/A· v4 7.7 HIGH· v3 4.0 MEDIUM· v2 A Server Side Request Forgery (SSRF) vulnerability in elFinder before 2.1.46 could allow a malicious user to access the content of internal network resources. This occurs in get_remote_contents() in php/elFinder.class.ph...Show more A Server Side Request Forgery (SSRF) vulnerability in elFinder before 2.1.46 could allow a malicious user to access the content of internal network resources. This occurs in get_remote_contents() in php/elFinder.class.php.Show less
CVE-2018-1000422 1Atlassian 1Crowd2 Nov 21, 2024 Jan 9, 2019 N/A· v4 6.5 MEDIUM· v3 4.0 MEDIUM· v2 An improper authorization vulnerability exists in Jenkins Crowd 2 Integration Plugin 2.0.0 and earlier in CrowdSecurityRealm.java that allows attackers to have Jenkins perform a connection test, connecting to an attacker...Show more An improper authorization vulnerability exists in Jenkins Crowd 2 Integration Plugin 2.0.0 and earlier in CrowdSecurityRealm.java that allows attackers to have Jenkins perform a connection test, connecting to an attacker-specified server with attacker-specified credentials and connection settings.Show less
CVE-2018-1000421 1Apache 1Mesos Nov 21, 2024 Jan 9, 2019 N/A· v4 6.5 MEDIUM· v3 4.0 MEDIUM· v2 An improper authorization vulnerability exists in Jenkins Mesos Plugin 0.17.1 and earlier in MesosCloud.java that allows attackers with Overall/Read access to initiate a test connection to an attacker-specified Mesos ser...Show more An improper authorization vulnerability exists in Jenkins Mesos Plugin 0.17.1 and earlier in MesosCloud.java that allows attackers with Overall/Read access to initiate a test connection to an attacker-specified Mesos server with attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.Show less
CVE-2019-5725 1Qibosoft 1Qibosoft Nov 21, 2024 Jan 8, 2019 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 qibosoft through V7 allows remote attackers to read arbitrary files via the member/index.php main parameter, as demonstrated by SSRF to a URL on the same web site to read a .sql file.
CVE-2018-19601 1Rhymix 1Rhymix Nov 21, 2024 Jan 3, 2019 N/A· v4 9.1 CRITICAL· v3 6.5 MEDIUM· v2 Rhymix CMS 1.9.8.1 allows SSRF via an index.php?module=admin&act=dispModuleAdminFileBox SVG upload.
CVE-2019-3905 1Zohocorp 1Manageengine Adselfservice Plus May 30, 2025 Jan 3, 2019 N/A· v4 10.0 CRITICAL· v3 7.5 HIGH· v2 Zoho ManageEngine ADSelfService Plus 5.x before build 5703 has SSRF.
CVE-2018-14721 4Debian FasterxmlOracle+1 more 12Banking Platform Communications Billing And Revenue ManagementDebian Linux+9 more Nov 21, 2024 Jan 2, 2019 N/A· v4 10.0 CRITICAL· v3 7.5 HIGH· v2 FasterXML jackson-databind 2.x before 2.9.7 might allow remote attackers to conduct server-side request forgery (SSRF) attacks by leveraging failure to block the axis2-jaxws class from polymorphic deserialization.
CVE-2018-20596 1Jspxcms 1Jspxcms Nov 21, 2024 Dec 30, 2018 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 Jspxcms v9.0.0 allows SSRF.
CVE-2018-20528 1Jeecms 1Jeecms Nov 21, 2024 Dec 28, 2018 N/A· v4 6.5 MEDIUM· v3 4.0 MEDIUM· v2 JEECMS 9 has SSRF via the ueditor/getRemoteImage.jspx upfile parameter.
CVE-2018-20436 1Telegram 2Telegram Web Nov 21, 2024 Dec 24, 2018 N/A· v4 8.1 HIGH· v3 6.8 MEDIUM· v2 The "secret chat" feature in Telegram 4.9.1 for Android has a "side channel" in which Telegram servers send GET requests for URLs typed while composing a chat message, before that chat message is sent. There are also GET...Show more The "secret chat" feature in Telegram 4.9.1 for Android has a "side channel" in which Telegram servers send GET requests for URLs typed while composing a chat message, before that chat message is sent. There are also GET requests to other URLs on the same web server. This also affects one or more other Telegram products, such as Telegram Web-version 0.7.0. In addition, it can be interpreted as an SSRF issue. NOTE: a third party has reported that potentially unwanted behavior is caused by misconfiguration of the "Secret chats > Preview links" settingShow less
CVE-2018-20228 1Subsonic 1Subsonic Nov 21, 2024 Dec 19, 2018 N/A· v4 8.0 HIGH· v3 6.0 MEDIUM· v2 Subsonic V6.1.5 allows internetRadioSettings.view streamUrl CSRF, with resultant SSRF.
CVE-2018-18843 1Gitlab 1Gitlab Nov 21, 2024 Dec 4, 2018 N/A· v4 10.0 CRITICAL· v3 7.5 HIGH· v2 The Kubernetes integration in GitLab Enterprise Edition 11.x before 11.2.8, 11.3.x before 11.3.9, and 11.4.x before 11.4.4 has SSRF.
CVE-2018-18646 1Gitlab 1Gitlab Nov 21, 2024 Dec 4, 2018 N/A· v4 8.8 HIGH· v3 6.5 MEDIUM· v2 An issue was discovered in GitLab Community and Enterprise Edition before 11.2.7, 11.3.x before 11.3.8, and 11.4.x before 11.4.3. It allows SSRF.
CVE-2018-19651 1Interspire 1Email Marketer Nov 21, 2024 Nov 28, 2018 N/A· v4 6.5 MEDIUM· v3 4.0 MEDIUM· v2 admin/functions/remote.php in Interspire Email Marketer through 6.1.6 has Server Side Request Forgery (SSRF) via a what=importurl&url= request with an http or https URL. This also allows reading local files with a file:...Show more admin/functions/remote.php in Interspire Email Marketer through 6.1.6 has Server Side Request Forgery (SSRF) via a what=importurl&url= request with an http or https URL. This also allows reading local files with a file: URL.Show less
CVE-2018-19047 1Mpdf Project 1Mpdf Nov 21, 2024 Nov 7, 2018 N/A· v4 10.0 CRITICAL· v3 7.5 HIGH· v2 mPDF through 7.1.6, if deployed as a web application that accepts arbitrary HTML, allows SSRF, as demonstrated by a '<img src="http://192.168' substring that triggers a call to getImage in Image/ImageProcessor.php. NOTE:...Show more mPDF through 7.1.6, if deployed as a web application that accepts arbitrary HTML, allows SSRF, as demonstrated by a '<img src="http://192.168' substring that triggers a call to getImage in Image/ImageProcessor.php. NOTE: the software maintainer disputes this, stating "If you allow users to pass HTML without sanitising it, you're asking for trouble.Show less
CVE-2018-18867 1Tecrail 1Responsive Filemanager Nov 21, 2024 Oct 31, 2018 N/A· v4 8.6 HIGH· v3 5.0 MEDIUM· v2 An SSRF issue was discovered in tecrail Responsive FileManager 9.13.4 via the upload.php url parameter. NOTE: this issue exists because of an incomplete fix for CVE-2018-15495.

Previous 1...125126127...133 Next