Total
1534 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-4101 | 1 Hcltech | 1 Hcl Digital Experience | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| "HCL Digital Experience is susceptible to Server Side Request Forgery." | |||||
| CVE-2020-3938 | 1 Sysjust | 1 Syuan-gu-da-shin | 2024-11-21 | 5.0 MEDIUM | 9.8 CRITICAL |
| SysJust Syuan-Gu-Da-Shih, versions before 20191223, contain vulnerability of Request Forgery, allowing attackers to launch inquiries into network architecture or system files of the server via forged inquests. | |||||
| CVE-2020-3769 | 1 Adobe | 1 Experience Manager | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| Adobe Experience Manager versions 6.5 and earlier have a server-side request forgery (ssrf) vulnerability. Successful exploitation could lead to sensitive information disclosure. | |||||
| CVE-2020-36232 | 1 Atlassian | 4 Atlassian-gadgets, Data Center, Jira Data Center and 1 more | 2024-11-21 | 4.0 MEDIUM | 5.0 MEDIUM |
| The MessageBundleWhiteList class of atlassian-gadgets before version 4.2.37, from version 4.3.0 before 4.3.14, from version 4.3.2.0 before 4.3.2.4, from version 4.4.0 before 4.4.12, and from version 5.0.0 before 5.0.1 allowed unexpected DNS lookups and requests to arbitrary services as it incorrectly obtained application base url information from the executing http request which could be attacker controlled. | |||||
| CVE-2020-36200 | 1 Kaspersky | 1 Tinycheck | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| TinyCheck before commits 9fd360d and ea53de8 allowed an authenticated attacker to send an HTTP GET request to the crafted URLs. | |||||
| CVE-2020-35970 | 1 Yzmcms | 1 Yzmcms | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in YzmCMS 5.8. There is a SSRF vulnerability in the background collection management that allows arbitrary file read. | |||||
| CVE-2020-35850 | 1 Cockpit-project | 1 Cockpit | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| An SSRF issue was discovered in cockpit-project.org Cockpit 234. NOTE: this is unrelated to the Agentejo Cockpit product. NOTE: the vendor states "I don't think [it] is a big real-life issue. | |||||
| CVE-2020-35712 | 3 Esri, Linux, Microsoft | 3 Arcgis Server, Linux Kernel, Windows | 2024-11-21 | 9.3 HIGH | 9.8 CRITICAL |
| Esri ArcGIS Server before 10.8 is vulnerable to SSRF in some configurations. | |||||
| CVE-2020-35667 | 1 Jetbrains | 1 Teamcity | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| JetBrains TeamCity Plugin before 2020.2.85695 SSRF. Vulnerability that could potentially expose user credentials. | |||||
| CVE-2020-35561 | 2 Helmholz, Mbconnectline | 4 Myrex24, Myrex24.virtual, Mbconnect24 and 1 more | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| An issue was discovered MB connect line mymbCONNECT24, mbCONNECT24 and Helmholz myREX24 and myREX24.virtual in all versions through v2.11.2. There is an SSRF in the HA module allowing an unauthenticated attacker to scan for open ports. | |||||
| CVE-2020-35558 | 2 Helmholz, Mbconnectline | 4 Myrex24, Myrex24.virtual, Mbconnect24 and 1 more | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in MB connect line mymbCONNECT24, mbCONNECT24 and Helmholz myREX24 and myREX24.virtual through 2.11.2. There is an SSRF in the in the MySQL access check, allowing an attacker to scan for open ports and gain some information about possible credentials. | |||||
| CVE-2020-35313 | 1 Wondercms | 1 Wondercms | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| A server-side request forgery (SSRF) vulnerability in the addCustomThemePluginRepository function in index.php in WonderCMS 3.1.3 allows remote attackers to execute arbitrary code via a crafted URL to the theme/plugin installer. | |||||
| CVE-2020-35205 | 1 Quest | 1 Policy Authority For Unified Communications | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Server Side Request Forgery (SSRF) in Web Compliance Manager in Quest Policy Authority version 8.1.2.200 allows attackers to scan internal ports and make outbound connections via the initFile.jsp file. NOTE: This vulnerability only affects products that are no longer supported by the maintainer | |||||
| CVE-2020-28978 | 1 Canto | 1 Canto | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| The Canto plugin 1.3.0 for WordPress contains blind SSRF vulnerability. It allows an unauthenticated attacker can make a request to any internal and external server via /includes/lib/tree.php?subdomain=SSRF. | |||||
| CVE-2020-28977 | 1 Canto | 1 Canto | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| The Canto plugin 1.3.0 for WordPress contains blind SSRF vulnerability. It allows an unauthenticated attacker can make a request to any internal and external server via /includes/lib/get.php?subdomain=SSRF. | |||||
| CVE-2020-28976 | 1 Canto | 1 Canto | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| The Canto plugin 1.3.0 for WordPress contains a blind SSRF vulnerability. It allows an unauthenticated attacker can make a request to any internal and external server via /includes/lib/detail.php?subdomain=SSRF. | |||||
| CVE-2020-28943 | 1 Open-xchange | 1 Open-xchange Appsuite | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| OX App Suite 7.10.4 and earlier allows SSRF via a snippet. | |||||
| CVE-2020-28735 | 1 Plone | 1 Plone | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| Plone before 5.2.3 allows SSRF attacks via the tracebacks feature (only available to the Manager role). | |||||
| CVE-2020-28463 | 2 Fedoraproject, Reportlab | 2 Fedora, Reportlab | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| All versions of package reportlab are vulnerable to Server-side Request Forgery (SSRF) via img tags. In order to reduce risk, use trustedSchemes & trustedHosts (see in Reportlab's documentation) Steps to reproduce by Karan Bamal: 1. Download and install the latest package of reportlab 2. Go to demos -> odyssey -> dodyssey 3. In the text file odyssey.txt that needs to be converted to pdf inject <img src="http://127.0.0.1:5000" valign="top"/> 4. Create a nc listener nc -lp 5000 5. Run python3 dodyssey.py 6. You will get a hit on your nc showing we have successfully proceded to send a server side request 7. dodyssey.py will show error since there is no img file on the url, but we are able to do SSRF | |||||
| CVE-2020-28360 | 1 Private-ip Project | 1 Private-ip | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Insufficient RegEx in private-ip npm package v1.0.5 and below insufficiently filters reserved IP ranges resulting in indeterminate SSRF. An attacker can perform a large range of requests to ARIN reserved IP ranges, resulting in an indeterminable number of critical attack vectors, allowing remote attackers to request server-side resources or potentially execute arbitrary code through various SSRF techniques. | |||||