Filtered by CWE-918
Filtered by vendor Subscriptions
Total 1316 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2024-46468 1 Jpress 1 Jpress 2024-10-15 7.5 High
A Server-Side Request Forgery (SSRF) vulnerability exists in the jpress <= v5.1.1, which can be exploited by an attacker to obtain sensitive information, resulting in an information disclosure.
CVE-2024-45317 1 Sonicwall 1 Sma1000 Firmware 2024-10-15 N/A
A Server-Side Request Forgery (SSRF) vulnerability in SMA1000 appliance firmware versions 12.4.3-02676 and earlier allows a remote, unauthenticated attacker to cause the SMA1000 server-side application to make requests to an unintended IP address.
CVE-2024-41651 1 Prestashop 1 Prestashop 2024-10-09 9.8 Critical
An issue in Prestashop v.8.1.7 and before allows a remote attacker to execute arbitrary code via the module upgrade functionality. NOTE: this is disputed by multiple parties, who report that exploitation requires that an attacker be able to hijack network requests made by an admin user (who, by design, is allowed to change the code that is running on the server).
CVE-2024-38183 1 Microsoft 1 Groupme 2024-10-09 8.8 High
An improper access control vulnerability in GroupMe allows an a unauthenticated attacker to elevate privileges over a network by convincing a user to click on a malicious link.
CVE-2024-47066 1 Lobehub 1 Lobe Chat 2024-09-30 9 Critical
Lobe Chat is an open-source artificial intelligence chat framework. Prior to version 1.19.13, server-side request forgery protection implemented in `src/app/api/proxy/route.ts` does not consider redirect and could be bypassed when attacker provides an external malicious URL which redirects to internal resources like a private network or loopback address. Version 1.19.13 contains an improved fix for the issue.
CVE-2024-47222 1 Myoffice 1 My Office Sdk 2024-09-30 9.8 Critical
New Cloud MyOffice SDK Collaborative Editing Server 2.2.2 through 2.8 allows SSRF via manipulation of requests from external document storage via the MS-WOPI protocol.
CVE-2024-47049 1 Czim 1 File-handling 2024-09-27 8.2 High
The czim/file-handling package before 1.5.0 and 2.x before 2.3.0 (used with PHP Composer) does not properly validate URLs within makeFromUrl and makeFromAny, leading to SSRF, and to directory traversal for the reading of local files.
CVE-2024-45843 1 Mattermost 1 Mattermost Server 2024-09-26 3.1 Low
Mattermost versions 9.5.x <= 9.5.8 fail to include the metadata endpoints of Oracle Cloud and Alibaba in the SSRF denylist, which allows an attacker to possibly cause an SSRF if Mattermost was deployed in Oracle Cloud or Alibaba.
CVE-2024-40441 1 Doccano 2 Auto Labeling Pipeline, Doccano 2024-09-26 6.6 Medium
An issue in Doccano Open source annotation tools for machine learning practitioners v.1.8.4 and Doccano Auto Labeling Pipeline module to annotate a document automatically v.0.1.23 allows a remote attacker to escalate privileges via the model_attribs parameter.
CVE-2024-43989 2024-09-26 7.5 High
Server-Side Request Forgery (SSRF) vulnerability in Firsh Justified Image Grid allows Server Side Request Forgery.This issue affects Justified Image Grid: from n/a through 4.6.1.
CVE-2024-44677 1 Eladmin 1 Eladmin 2024-09-25 9.8 Critical
eladmin v2.7 and before is vulnerable to Server-Side Request Forgery (SSRF) which allows an attacker to execute arbitrary code via the DatabaseController.java component.
CVE-2024-6587 2 Berriai, Litellm 2 Litellm, Litellm 2024-09-20 7.5 High
A Server-Side Request Forgery (SSRF) vulnerability exists in berriai/litellm version 1.38.10. This vulnerability allows users to specify the `api_base` parameter when making requests to `POST /chat/completions`, causing the application to send the request to the domain specified by `api_base`. This request includes the OpenAI API key. A malicious user can set the `api_base` to their own domain and intercept the OpenAI API key, leading to unauthorized access and potential misuse of the API key.
CVE-2022-25777 2024-09-20 6.5 Medium
Prior to the patched version, an authenticated user of Mautic could read system files and access the internal addresses of the application due to a Server-Side Request Forgery (SSRF) vulnerability.
CVE-2024-42352 1 Nuxt 2 Icon, Nuxt 2024-09-19 8.6 High
Nuxt is a free and open-source framework to create full-stack web applications and websites with Vue.js. `nuxt/icon` provides an API to allow client side icon lookup. This endpoint is at `/api/_nuxt_icon/[name]`. The proxied request path is improperly parsed, allowing an attacker to change the scheme and host of the request. This leads to SSRF, and could potentially lead to sensitive data exposure. The `new URL` constructor is used to parse the final path. This constructor can be passed a relative scheme or path in order to change the host the request is sent to. This constructor is also very tolerant of poorly formatted URLs. As a result we can pass a path prefixed with the string `http:`. This has the effect of changing the scheme to HTTP. We can then subsequently pass a new host, for example `http:127.0.0.1:8080`. This would allow us to send requests to a local server. This issue has been addressed in release version 1.4.5 and all users are advised to upgrade. There are no known workarounds for this vulnerability.
CVE-2021-38132 2 Microfocus, Opentext 2 Edirectory, Edirectory 2024-09-19 5.3 Medium
Possible External Service Interaction attack in eDirectory has been discovered in OpenText™ eDirectory. This impact all version before 9.2.6.0000.
CVE-2024-41737 1 Sap 1 Crm Abap Insights Management 2024-09-12 5 Medium
SAP CRM ABAP (Insights Management) allows an authenticated attacker to enumerate HTTP endpoints in the internal network by specially crafting HTTP requests. On successful exploitation this can result in information disclosure. It has no impact on integrity and availability of the application.
CVE-2024-22217 1 Terminalfour 1 Terminalfour 2024-09-11 6.5 Medium
A Server-Side Request Forgery (SSRF) vulnerability in Terminalfour before 8.3.19 allows authenticated users to use specific features to access internal services including sensitive information on the server that Terminalfour runs on.
CVE-2023-37230 1 Loftware 1 Spectrum 2024-09-10 8.8 High
Loftware Spectrum (testDeviceConnection) before 5.1 allows SSRF.
CVE-2023-37229 1 Loftware 1 Spectrum 2024-09-10 8.8 High
Loftware Spectrum before 5.1 allows SSRF.
CVE-2024-44721 1 Seacms 1 Seacms 2024-09-09 9.8 Critical
SeaCMS v13.1 was discovered to a Server-Side Request Forgery (SSRF) via the url parameter at /admin_reslib.php.