Vulnerabilities > Server-Side Request Forgery (SSRF)

DATE CVE VULNERABILITY TITLE RISK
2021-02-23 CVE-2020-8902 Server-Side Request Forgery (SSRF) vulnerability in Google Rendertron
Rendertron versions prior to 3.0.0 are are susceptible to a Server-Side Request Forgery (SSRF) attack.
network
low complexity
google CWE-918
4.0
2021-02-19 CVE-2021-3204 Server-Side Request Forgery (SSRF) vulnerability in Webware Webdesktop 5.1.15
SSRF in the document conversion component of Webware Webdesktop 5.1.15 allows an attacker to read all files from the server.
network
low complexity
webware CWE-918
4.0
2021-02-19 CVE-2020-10252 Server-Side Request Forgery (SSRF) vulnerability in Owncloud
An issue was discovered in ownCloud before 10.4.
network
low complexity
owncloud CWE-918
6.5
2021-02-18 CVE-2021-27329 Server-Side Request Forgery (SSRF) vulnerability in Frendi Frendica 2021.01
Friendica 2021.01 allows SSRF via parse_url?binurl= for DNS lookups or HTTP requests to arbitrary domain names.
network
low complexity
frendi CWE-918
critical
10.0
2021-02-18 CVE-2020-28463 Server-Side Request Forgery (SSRF) vulnerability in Reportlab
All versions of package reportlab are vulnerable to Server-side Request Forgery (SSRF) via img tags.
network
low complexity
reportlab CWE-918
4.0
2021-02-16 CVE-2021-27103 Server-Side Request Forgery (SSRF) vulnerability in Accellion FTA 912370/912380/912411
Accellion FTA 9_12_411 and earlier is affected by SSRF via a crafted POST request to wmProgressstat.html.
network
low complexity
accellion CWE-918
7.5
2021-02-16 CVE-2020-35561 Server-Side Request Forgery (SSRF) vulnerability in Mbconnectline Mbconnect24 and Mymbconnect24
An issue was discovered in MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 through 2.6.2.
network
low complexity
mbconnectline CWE-918
5.0
2021-02-16 CVE-2020-35558 Server-Side Request Forgery (SSRF) vulnerability in Mbconnectline Mbconnect24 and Mymbconnect24
An issue was discovered in MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 through 2.6.2.
network
low complexity
mbconnectline CWE-918
5.0
2021-02-11 CVE-2021-21311 Server-Side Request Forgery (SSRF) vulnerability in Adminer
Adminer is an open-source database management in a single PHP file.
network
low complexity
adminer CWE-918
6.4
2021-02-08 CVE-2021-21288 Server-Side Request Forgery (SSRF) vulnerability in Carrierwave Project Carrierwave
CarrierWave is an open-source RubyGem which provides a simple and flexible way to upload files from Ruby applications.
network
low complexity
carrierwave-project CWE-918
4.0