VUMETRIC
CYBER PORTAL
Dashboard
Security News
Latest Vulnerabilities
Browse Vulnerabilities
by Vendors
by Products
by Categories
Weekly Reports
Vulnerabilities
> Server-Side Request Forgery (SSRF)
Exclude new CVEs:
DATE
CVE
VULNERABILITY TITLE
RISK
2025-05-08
CVE-2025-29972
Server-Side Request Forgery (SSRF) in Azure allows an authorized attacker to perform spoofing over a network.
network
low complexity
CWE-918
critical
9.9
9.9
2025-05-08
CVE-2025-47733
Server-Side Request Forgery (SSRF) in Microsoft Power Apps allows an unauthorized attacker to disclose information over a network
network
low complexity
CWE-918
critical
9.1
9.1
2025-05-02
CVE-2024-55910
IBM Concert Software 1.0.0 through 1.0.5 is vulnerable to server-side request forgery (SSRF).
network
low complexity
CWE-918
6.5
6.5
2025-05-01
CVE-2024-13845
The Gravity Forms WebHooks plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 1.6.0 via the 'process_feed' method of the GF_Webhooks class This makes it possible for authenticated attackers, with Administrator-level access and above, to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services.
network
low complexity
CWE-918
5.5
5.5
2025-04-28
CVE-2025-4012
A vulnerability was found in playeduxyz PlayEdu ?????? up to 1.8 and classified as problematic.
network
low complexity
CWE-918
2.7
2.7
2025-04-25
CVE-2025-3775
The ShopLentor – WooCommerce Builder for Elementor & Gutenberg +20 Modules – All in One Solution (formerly WooLentor) plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 3.1.2 via the woolentor_template_proxy function.
network
low complexity
CWE-918
6.5
6.5
2025-04-22
CVE-2025-27907
IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to server-side request forgery (SSRF).
network
low complexity
CWE-918
4.1
4.1
2025-04-22
CVE-2025-2987
IBM Maximo Asset Management 7.6.1.3 is vulnerable to server-side request forgery (SSRF).
network
low complexity
CWE-918
3.8
3.8
2025-04-14
CVE-2025-3572
SmartRobot from INTUMIT has a Server-Side Request Forgery vulnerability, allowing unauthenticated remote attackers to probe internal network and even access arbitrary local files on the server.
network
low complexity
CWE-918
7.5
7.5
2025-04-05
CVE-2025-32358
Server-Side Request Forgery (SSRF) vulnerability in Zammad 6.4.0/6.4.1
In Zammad 6.4.x before 6.4.2, SSRF can occur.
network
low complexity
zammad
CWE-918
4.1
4.1
«
1
(current)
2
3
4
5
...
94
95
»
Next