Total
1343 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-2192 | 2025-03-11 | N/A | 4.3 MEDIUM | ||
| A vulnerability, which was classified as problematic, was found in Stoque Zeev.it 4.24. This affects an unknown part of the file /Login?inpLostSession=1 of the component Login Page. The manipulation of the argument inpRedirectURL leads to server-side request forgery. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2025-27430 | 2025-03-11 | N/A | 3.5 LOW | ||
| Under certain conditions, an SSRF vulnerability in SAP CRM and SAP S/4HANA (Interaction Center) allows an attacker with low privileges to access restricted information. This flaw enables the attacker to send requests to internal network resources, thereby compromising the application's confidentiality. There is no impact on integrity or availability | |||||
| CVE-2025-22603 | 2025-03-10 | N/A | N/A | ||
| AutoGPT is a platform that allows users to create, deploy, and manage continuous artificial intelligence agents that automate complex workflows. Versions prior to autogpt-platform-beta-v0.4.2 contains a server-side request forgery (SSRF) vulnerability inside component (or block) `Send Web Request`. The root cause is that IPV6 address is not restricted or filtered, which allows attackers to perform a server side request forgery to visit an IPV6 service. autogpt-platform-beta-v0.4.2 fixes the issue. | |||||
| CVE-2025-2116 | 2025-03-09 | N/A | 4.3 MEDIUM | ||
| A vulnerability has been found in Beijing Founder Electronics Founder Enjoys All-Media Acquisition and Editing System 3.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /newsedit/newsedit/xy/imageProxy.do of the component File Protocol Handler. The manipulation of the argument xyImgUrl leads to server-side request forgery. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2025-25301 | 1 Danielgatis | 1 Rembg | 2025-03-07 | N/A | 7.5 HIGH |
| Rembg is a tool to remove images background. In Rembg 2.0.57 and earlier, the /api/remove endpoint takes a URL query parameter that allows an image to be fetched, processed and returned. An attacker may be able to query this endpoint to view pictures hosted on the internal network of the rembg server. This issue may lead to Information Disclosure. | |||||
| CVE-2024-53696 | 2025-03-07 | N/A | N/A | ||
| A server-side request forgery (SSRF) vulnerability has been reported to affect QuLog Center. If exploited, the vulnerability could allow remote attackers who have gained administrator access to read application data. We have already fixed the vulnerability in the following versions: QuLog Center 1.7.0.829 ( 2024/10/01 ) and later QuLog Center 1.8.0.888 ( 2024/10/15 ) and later QTS 4.5.4.2957 build 20241119 and later QuTS hero h4.5.4.2956 build 20241119 and later | |||||
| CVE-2022-46973 | 1 Anji-plus | 1 Aj-report | 2025-03-07 | N/A | 9.8 CRITICAL |
| Report v0.9.8.6 was discovered to contain a Server-Side Request Forgery (SSRF) vulnerability. | |||||
| CVE-2021-26855 | 1 Microsoft | 1 Exchange Server | 2025-03-07 | 7.5 HIGH | N/A |
| Microsoft Exchange Server Remote Code Execution Vulnerability | |||||
| CVE-2024-31993 | 1 Mealie | 1 Mealie | 2025-03-07 | N/A | 4.5 MEDIUM |
| Mealie is a self hosted recipe manager and meal planner. Prior to 1.4.0, the scrape_image function will retrieve an image based on a user-provided URL, however the provided URL is not validated to point to an external location and does not have any enforced rate limiting. The response from the Mealie server will also vary depending on whether or not the target file is an image, is not an image, or does not exist. Additionally, when a file is retrieved the file may remain stored on Mealie’s file system as original.jpg under the UUID of the recipe it was requested for. If the attacker has access to an admin account (e.g. the default changeme@example.com), this file can then be retrieved. Note that if Mealie is running in a development setting this could be leveraged by an attacker to retrieve any file that the Mealie server had downloaded in this fashion without the need for administrator access. This vulnerability is fixed in 1.4.0. | |||||
| CVE-2024-13857 | 2025-03-07 | N/A | 5.5 MEDIUM | ||
| The WPGet API – Connect to any external REST API plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 2.2.10. This makes it possible for authenticated attackers, with Administrator-level access and above, to make web requests to arbitrary locations originating from the web application which can be used to query and modify information from internal services. | |||||
| CVE-2025-27600 | 2025-03-06 | N/A | N/A | ||
| FastGPT is a knowledge-based platform built on the LLMs. Since the web crawling plug-in does not perform intranet IP verification, an attacker can initiate an intranet IP request, causing the system to initiate a request through the intranet and potentially obtain some private data on the intranet. This issue is fixed in 4.9.0. | |||||
| CVE-2025-1662 | 1 Apprhyme | 1 Url Media Uploader | 2025-03-06 | N/A | 6.4 MEDIUM |
| The URL Media Uploader plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 1.0.0 via the 'url_media_uploader_url_upload' action. This makes it possible for authenticated attackers, with author-level access and above, to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services. | |||||
| CVE-2021-36396 | 1 Moodle | 1 Moodle | 2025-03-05 | N/A | 7.5 HIGH |
| In Moodle, insufficient redirect handling made it possible to blindly bypass cURL blocked hosts/allowed ports restrictions, resulting in a blind SSRF risk. | |||||
| CVE-2025-25303 | 2025-03-03 | N/A | N/A | ||
| The MouseTooltipTranslator Chrome extension allows mouseover translation of any language at once. The MouseTooltipTranslator browser extension is vulnerable to SSRF attacks. The pdf.mjs script uses the URL parameter from the current URL as the file to download and display to the extension user. Because pdf.mjs is imported in viewer.html and viewer.html is accessible to all URLs, an attacker can force the user’s browser to make a request to any arbitrary URL. After discussion with maintainer, patching this issue would require disabling a major feature of the extension in exchange for a low severity vulnerability. Decision to not patch issue. | |||||
| CVE-2023-27161 | 1 Jellyfin | 1 Jellyfin | 2025-02-28 | N/A | 7.5 HIGH |
| Jellyfin up to v10.7.7 was discovered to contain a Server-Side Request Forgery (SSRF) via the component /Repositories. This vulnerability allows attackers to access network resources and sensitive information via a crafted POST request. | |||||
| CVE-2024-13695 | 1 Kriesi | 1 Enfold | 2025-02-28 | N/A | 5.4 MEDIUM |
| The Enfold theme for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 6.0.9 via the 'attachment_id' parameter. This makes it possible for authenticated attackers, with Subscriber-level access and above, to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services. | |||||
| CVE-2025-27090 | 1 Bishopfox | 1 Sliver | 2025-02-27 | N/A | 5.3 MEDIUM |
| Sliver is an open source cross-platform adversary emulation/red team framework, it can be used by organizations of all sizes to perform security testing. The reverse port forwarding in sliver teamserver allows the implant to open a reverse tunnel on the sliver teamserver without verifying if the operator instructed the implant to do so. The only impact that has been shown is the exposure of the server's IP address to a third party. This issue has been addressed in version 1.5.43 and all users are advised to upgrade. There are no known workarounds for this vulnerability. | |||||
| CVE-2022-25777 | 1 Acquia | 1 Mautic | 2025-02-27 | N/A | 6.5 MEDIUM |
| Prior to the patched version, an authenticated user of Mautic could read system files and access the internal addresses of the application due to a Server-Side Request Forgery (SSRF) vulnerability. | |||||
| CVE-2024-52606 | 1 Solarwinds | 1 Solarwinds Platform | 2025-02-25 | N/A | 9.8 CRITICAL |
| SolarWinds Platform is affected by server-side request forgery vulnerability. Proper input sanitation was not applied allowing for the possibility of a malicious web request. | |||||
| CVE-2022-41040 | 1 Microsoft | 1 Exchange Server | 2025-02-24 | N/A | N/A |
| Microsoft Exchange Server Elevation of Privilege Vulnerability | |||||