CWE-918

2,641 CVEs • Abstraction: Base

Server-Side Request Forgery (SSRF)

The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination.
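The check the definition says is missing can be made concrete. The following is an added example, not code from MITRE or from any product listed on this page: a fetcher that only accepts the URL after it has been parsed, resolved and compared against a destination policy, and that re-checks every redirect hop. The policy itself (http/https only, no user-info, no private, loopback, link-local or metadata addresses) and all names and sample addresses are hypothetical choices for illustration.

```python
"""Added example, not code from MITRE or from any product on this page: the
'expected destination' check that CWE-918 says is missing.  Policy below is a
hypothetical one: http/https only, no user-info, host resolved by the fetcher,
no private/loopback/link-local/metadata targets, every redirect re-checked."""
import ipaddress
import socket
import urllib.error
import urllib.request
from urllib.parse import urljoin, urlsplit

ALLOWED_SCHEMES = {"http", "https"}

# Ranges a server-side fetcher must never reach on a client's behalf.  The
# ipaddress flags already cover most; this list adds 0.0.0.0/8 and carrier-grade
# NAT, and spells out the link-local block that holds 169.254.169.254.
DENIED_NETWORKS = [ipaddress.ip_network(n) for n in (
    "0.0.0.0/8", "10.0.0.0/8", "100.64.0.0/10", "127.0.0.0/8",
    "169.254.0.0/16", "172.16.0.0/12", "192.168.0.0/16",
    "::1/128", "fc00::/7", "fe80::/10")]


class SSRFBlocked(ValueError):
    """Raised when a URL fails the destination check."""


def is_denied_ip(ip_text):
    """True if the address must not be contacted.  IPv4-mapped IPv6 forms such
    as ::ffff:127.0.0.1 are unwrapped first so they cannot smuggle an IPv4 target."""
    addr = ipaddress.ip_address(ip_text)
    if addr.version == 6 and addr.ipv4_mapped is not None:
        addr = addr.ipv4_mapped
    if (addr.is_private or addr.is_loopback or addr.is_link_local
            or addr.is_multicast or addr.is_reserved or addr.is_unspecified):
        return True
    return any(addr in net for net in DENIED_NETWORKS)


def default_resolver(host):
    """Map a host to address strings.  IP literals pass through; names go via
    getaddrinfo, so spellings like 0x7f000001 or 2130706433 come back as the
    address they really denote instead of slipping past a string filter."""
    try:
        return [str(ipaddress.ip_address(host))]
    except ValueError:
        pass
    try:
        infos = socket.getaddrinfo(host, None, proto=socket.IPPROTO_TCP)
    except socket.gaierror:
        return []
    return sorted({info[4][0] for info in infos})


def validate_url(url, resolver=None):
    """Return (hostname, resolved_ips) if url may be fetched, else raise
    SSRFBlocked.  Every decision is made on parsed components, not the raw string."""
    parts = urlsplit(url)
    if parts.scheme.lower() not in ALLOWED_SCHEMES:
        raise SSRFBlocked(f"scheme not allowed: {parts.scheme!r}")
    if parts.username is not None or parts.password is not None:
        raise SSRFBlocked("user-info present (http://trusted@10.0.0.1/ trick)")
    host = parts.hostname
    if not host:
        raise SSRFBlocked("no host in URL")
    ips = (resolver or default_resolver)(host)
    if not ips:
        raise SSRFBlocked(f"cannot resolve {host!r}")
    for ip in ips:
        if is_denied_ip(ip):
            raise SSRFBlocked(f"{host!r} resolves to denied address {ip}")
    return host, ips


def url_allowed(url, resolver=None):
    """Boolean form of validate_url for filters and tests."""
    try:
        validate_url(url, resolver)
        return True
    except SSRFBlocked:
        return False


class _NoRedirect(urllib.request.HTTPRedirectHandler):
    """Make urllib raise on 3xx so safe_fetch can vet each hop itself."""
    def redirect_request(self, req, fp, code, msg, headers, newurl):
        return None


def safe_fetch(url, max_redirects=3, timeout=5, resolver=None):
    """Fetch url, validating the initial URL and every redirect target; return
    up to 1 MiB of body.  Caveat: validation and connect are separate steps, so
    a DNS-rebinding attacker can change the answer in between; connecting to
    the validated IP and sending Host: yourself closes that gap."""
    opener = urllib.request.build_opener(_NoRedirect)
    for _ in range(max_redirects + 1):
        validate_url(url, resolver)
        req = urllib.request.Request(url, headers={"User-Agent": "ssrf-safe-fetch"})
        try:
            with opener.open(req, timeout=timeout) as resp:
                return resp.read(1024 * 1024)
        except urllib.error.HTTPError as err:
            location = err.headers.get("Location")
            if err.code in (301, 302, 303, 307, 308) and location:
                url = urljoin(url, location)  # checked again at top of loop
                continue
            raise
    raise SSRFBlocked("too many redirects")
```

The `resolver` parameter exists so the policy can be exercised offline with a stand-in resolver; in production the default one is used. Note the order of checks: scheme and user-info are rejected before any DNS lookup, and a host is rejected if any one of its resolved addresses is denied, which is what defeats the redirect-to-localhost and alternative-IP-spelling tricks that several entries on this page describe.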


CVEs (2,641)

Each entry: vendor(s) / product(s); updated and published dates; CVSS v4, v3, v2; description.
Redhat / Mobile Application Platform
Updated May 13, 2026 · Published Sep 29, 2017 · CVSS v4 N/A, v3 6.3 MEDIUM, v2 6.5 MEDIUM
The external_request api call in App Studio (millicore) allows server side request forgery (SSRF). An attacker could use this flaw to probe the network internal resources, and access restricted endpoints.

Vebto / Pixie Image Editor
Updated May 13, 2026 · Published Sep 25, 2017 · CVSS v4 N/A, v3 10.0 CRITICAL, v2 7.5 HIGH
Server Side Request Forgery vulnerability in Vebto Pixie Image Editor 1.4 and 1.7 allows remote attackers to disclose information or execute arbitrary code via the url parameter to Launderer.php.

Synology / Photo Station
Updated May 13, 2026 · Published Sep 8, 2017 · CVSS v4 N/A, v3 6.5 MEDIUM, v2 4.0 MEDIUM
Server-side request forgery (SSRF) vulnerability in file_upload.php in Synology Photo Station before 6.7.4-3433 and 6.3-2968 allows remote authenticated users to download arbitrary local files via the url parameter.

Paloaltonetworks / Pan Os
Updated May 13, 2026 · Published Sep 7, 2017 · CVSS v4 N/A, v3 9.8 CRITICAL, v2 7.5 HIGH
XML external entity (XXE) vulnerability in the GlobalProtect internal and external gateway interface in Palo Alto Networks PAN-OS before 6.1.18, 7.0.x before 7.0.17, 7.1.x before 7.1.12, and 8.0.x before 8.0.3 allows remote attackers to obtain sensitive information, cause a denial of service, or conduct server-side request forgery (SSRF) attacks via unspecified vectors.

Atlassian / Oauth
Updated May 13, 2026 · Published Aug 23, 2017 · CVSS v4 N/A, v3 6.1 MEDIUM, v2 4.3 MEDIUM
The IconUriServlet of the Atlassian OAuth Plugin from version 1.3.0 before version 1.9.12 and from version 2.0.0 before version 2.0.4 allows remote attackers to access the content of internal network resources and/or perform an XSS attack via Server Side Request Forgery (SSRF).

Synology / Download Station
Updated May 13, 2026 · Published Aug 14, 2017 · CVSS v4 N/A, v3 6.5 MEDIUM, v2 4.0 MEDIUM
Server-side request forgery (SSRF) vulnerability in Downloader in Synology Download Station 3.8.x before 3.8.5-3475 and 3.x before 3.5-2984 allows remote authenticated users to download arbitrary local files via crafted URI.

Synology / Chat
Updated May 13, 2026 · Published Aug 11, 2017 · CVSS v4 N/A, v3 6.5 MEDIUM, v2 4.0 MEDIUM
Server-side request forgery (SSRF) vulnerability in link preview in Synology Chat before 1.1.0-0806 allows remote authenticated users to access intranet resources via unspecified vectors.

Phpmyadmin / Phpmyadmin
Updated May 13, 2026 · Published Jul 17, 2017 · CVSS v4 N/A, v3 8.8 HIGH, v2 6.5 MEDIUM
phpMyAdmin 4.0, 4.4 and 4.6 are vulnerable to a weakness where a user with appropriate permissions is able to connect to an arbitrary MySQL server.

Finecms Project / Finecms
Updated May 13, 2026 · Published Jul 6, 2017 · CVSS v4 N/A, v3 6.5 MEDIUM, v2 4.3 MEDIUM
In FineCMS before 2017-07-06, application/lib/ajax/get_image_data.php has SSRF, related to requests for non-image files with a modified HTTP Host header.

Belden Hirschmann / Gecko Lite Managed Switch Firmware
Updated May 13, 2026 · Published Jun 30, 2017 · CVSS v4 N/A, v3 6.5 MEDIUM, v2 4.3 MEDIUM
A Server-Side Request Forgery issue was discovered in Belden Hirschmann GECKO Lite Managed switch, Version 2.0.00 and prior versions. The web server receives a request, but does not sufficiently verify that the request is being sent to the expected destination.

Subsonic / Subsonic
Updated May 13, 2026 · Published Jun 7, 2017 · CVSS v4 N/A, v3 7.4 HIGH, v2 4.3 MEDIUM
XML external entity (XXE) vulnerability in the import playlist feature in Subsonic 6.1.1 might allow remote attackers to conduct server-side request forgery (SSRF) attacks via a crafted XSPF playlist file.

Allen Disk Project / Allen Disk
Updated May 13, 2026 · Published May 31, 2017 · CVSS v4 N/A, v3 6.5 MEDIUM, v2 4.0 MEDIUM
SSRF vulnerability in remotedownload.php in Allen Disk 1.6 allows remote authenticated users to conduct port scans and access intranet servers via a crafted file parameter.

Debian, Wordpress / Debian Linux, Wordpress
Updated May 13, 2026 · Published May 18, 2017 · CVSS v4 N/A, v3 8.6 HIGH, v2 5.0 MEDIUM
In WordPress before 4.7.5, there is insufficient redirect validation in the HTTP class, leading to SSRF.

Accellion / File Transfer Appliance
Updated May 13, 2026 · Published May 5, 2017 · CVSS v4 N/A, v3 10.0 CRITICAL, v2 6.4 MEDIUM
An issue was discovered on Accellion FTA devices before FTA_9_12_180. Because a regular expression (intended to match local https URLs) lacks an initial ^ character, courier/web/1000@/wmProgressval.html allows SSRF attacks with a file:///etc/passwd#https:// URL pattern.

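The failure mode in the Accellion entry is worth seeing in code: a URL allowlist written as an unanchored regular expression accepts any string that merely contains a matching URL, while the library that performs the fetch treats everything after `#` as a fragment and opens the `file://` part. The following is an added example, not Accellion's code; the page gives only the fact that the real pattern lacked a leading `^`, so the pattern here is a hypothetical stand-in and the sample URLs are constructed.

```python
"""Added example of the unanchored-regex allowlist bug described above.  The
pattern is a hypothetical stand-in for Accellion's (only the missing ^ is known
from the page); all sample URLs are constructed for illustration."""
import re
from urllib.parse import urlsplit

# Intended to accept only local https URLs.  Without ^ the pattern accepts any
# string that merely contains such a URL; re.search, like PHP's preg_match,
# scans the whole input rather than anchoring at the start.
UNANCHORED = re.compile(r"https://(localhost|127\.0\.0\.1)(:\d+)?/")
ANCHORED = re.compile(r"^https://(localhost|127\.0\.0\.1)(:\d+)?/")

# Constructed payload: the validator's match sits in the fragment, the fetcher
# never sees the fragment and opens the file:// URL instead.
PAYLOAD = "file:///etc/passwd#https://localhost/"


def allowed_unanchored(url):
    """The buggy check: substring match anywhere in the string."""
    return UNANCHORED.search(url) is not None


def allowed_anchored(url):
    """The one-character fix: the URL must start with the allowed prefix."""
    return ANCHORED.search(url) is not None


def allowed_by_parsing(url, hosts=("localhost", "127.0.0.1")):
    """Preferred form: decide on parsed components, so the check and the
    fetcher agree on what the URL means (scheme, host, no user-info)."""
    parts = urlsplit(url)
    return (parts.scheme == "https" and parts.hostname in hosts
            and parts.username is None)


def fetch_target(url):
    """What a URL library actually opens: scheme and path, fragment dropped."""
    parts = urlsplit(url)
    return parts.scheme, parts.path
```

For the constructed payload, `allowed_unanchored` returns True while `fetch_target` reports that the fetch would open `/etc/passwd` over the `file` scheme; both `allowed_anchored` and `allowed_by_parsing` reject it. The parsing form is the one to prefer, since an anchored regex over the raw string still has to anticipate every host, port and user-info variation by hand.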
Oracle / Peoplesoft Enterprise Peopletools
Updated May 13, 2026 · Published Apr 24, 2017 · CVSS v4 N/A, v3 6.5 MEDIUM, v2 6.4 MEDIUM
Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: MultiChannel Framework). Supported versions that are affected are 8.54 and 8.55. Easily "exploitable" vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterprise PeopleTools. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of PeopleSoft Enterprise PeopleTools accessible data as well as unauthorized read access to a subset of PeopleSoft Enterprise PeopleTools accessible data. CVSS 3.0 Base Score 6.5 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N).

Yeager / Yeager Cms
Updated May 13, 2026 · Published Apr 24, 2017 · CVSS v4 N/A, v3 7.2 HIGH, v2 6.4 MEDIUM
Multiple server-side request forgery (SSRF) vulnerabilities in Yeager CMS 1.2.1 allow remote attackers to trigger outbound requests and enumerate open ports via the dbhost parameter to libs/org/adodb_lite/tests/test_adodb_lite.php, libs/org/adodb_lite/tests/test_datadictionary.php, or libs/org/adodb_lite/tests/test_adodb_lite_sessions.php.

Fasterxml / Jackson Dataformat Xml
Updated May 13, 2026 · Published Apr 14, 2017 · CVSS v4 N/A, v3 8.6 HIGH, v2 5.0 MEDIUM
XmlMapper in the Jackson XML dataformat component (aka jackson-dataformat-xml) before 2.7.8 and 2.8.x before 2.8.4 allows remote attackers to conduct server-side request forgery (SSRF) attacks via vectors related to a DTD.

Vbulletin / Vbulletin
Updated May 13, 2026 · Published Apr 6, 2017 · CVSS v4 N/A, v3 8.6 HIGH, v2 5.0 MEDIUM
In vBulletin before 5.3.0, remote attackers can bypass the CVE-2016-6483 patch and conduct SSRF attacks by leveraging the behavior of the PHP parse_url function, aka VBV-17037.

Mybb / Mybb
Updated May 13, 2026 · Published Apr 6, 2017 · CVSS v4 N/A, v3 7.7 HIGH, v2 4.0 MEDIUM
MyBB before 1.8.11 allows remote attackers to bypass an SSRF protection mechanism.

F5 / Ssl Intercept Iapp, Ssl Orchestrator
Updated May 13, 2026 · Published Apr 6, 2017 · CVSS v4 N/A, v3 7.4 HIGH, v2 5.8 MEDIUM
F5 SSL Intercept iApp 1.5.0 - 1.5.7 and SSL Orchestrator 2.0 are vulnerable to a Server-Side Request Forgery (SSRF) attack when deployed using the Dynamic Domain Bypass (DDB) feature plus the SNAT Auto Map option for egress traffic.