Server-Side Request Forgery (SSRF)

The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination.

CVEs (2,641)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2002-1484 1Siemens 1Db4web Apr 16, 2026 Apr 22, 2003 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 DB4Web server, when configured to use verbose debug messages, allows remote attackers to use DB4Web as a proxy and attempt TCP connections to other systems (port scan) via a request for a URL that specifies the target IP...Show more DB4Web server, when configured to use verbose debug messages, allows remote attackers to use DB4Web as a proxy and attempt TCP connections to other systems (port scan) via a request for a URL that specifies the target IP address and port, which produces a connection status in the resulting error message.Show less

CVE

VENDORS

PRODUCTS

UPDATED

PUBLISHED

CVSS

CVE-2002-1484

1Siemens

1Db4web

Apr 16, 2026

Apr 22, 2003

N/A· v4

9.8 CRITICAL· v3

7.5 HIGH· v2

DB4Web server, when configured to use verbose debug messages, allows remote attackers to use DB4Web as a proxy and attempt TCP connections to other systems (port scan) via a request for a URL that specifies the target IP...Show more

Previous 1...129 130 131 132133