Vulnerabilities > Server-Side Request Forgery (SSRF)

DATE | CVE | VULNERABILITY TITLE | RISK

2024-01-16 | CVE-2024-0601 | Server-Side Request Forgery (SSRF) vulnerability in Zhongfucheng3Y Austin 1.0 | 6.5
A vulnerability was found in ZhongFuCheng3y Austin 1.0.
network, low complexity, zhongfucheng3y, CWE-918

2024-01-15 | CVE-2023-6991 | Server-Side Request Forgery (SSRF) vulnerability in Surniaulula JSM File GET Contents() Shortcode 2.7.0 | 8.8
The JSM file_get_contents() Shortcode WordPress plugin before 2.7.1 does not validate one of its shortcode's parameters before making a request to it, which could allow users with contributor role and above to perform SSRF attacks.
network, low complexity, surniaulula, CWE-918

2024-01-13 | CVE-2024-0510 | Server-Side Request Forgery (SSRF) vulnerability in Haokekeji Yiqiniu 3.1 | critical 9.8
A vulnerability, which was classified as critical, has been found in HaoKeKeJi YiQiNiu up to 3.1.
network, low complexity, haokekeji, CWE-918

2024-01-13 | CVE-2023-51804 | Server-Side Request Forgery (SSRF) vulnerability in Rymcu Forest 0.02 | 7.5
An issue in rymcu forest v.0.02 allows a remote attacker to obtain sensitive information via manipulation of the HTTP body URL in the com.rymcu.forest.web.api.common.UploadController file.
network, low complexity, rymcu, CWE-918

2024-01-10 | CVE-2023-49471 | Server-Side Request Forgery (SSRF) vulnerability in Barassistant BAR Assistant | 8.8
Blind Server-Side Request Forgery (SSRF) vulnerability in karlomikus Bar Assistant before version 3.2.0 does not validate a parameter before making a request through Image::make(), which could allow authenticated remote attackers to execute arbitrary code.
network, low complexity, barassistant, CWE-918

2024-01-08 | CVE-2024-0303 | Server-Side Request Forgery (SSRF) vulnerability in Youke365 Youke 365 1.5.0/1.5.3 | critical 9.8
A vulnerability, which was classified as critical, was found in Youke365 up to 1.5.3.
network, low complexity, youke365, CWE-918

2023-12-29 | CVE-2023-7078 | Server-Side Request Forgery (SSRF) vulnerability in Cloudflare Miniflare 3.20230821.0 | 8.1
Sending specially crafted HTTP requests to Miniflare's server could result in arbitrary HTTP and WebSocket requests being sent from the server.
low complexity, cloudflare, CWE-918

2023-12-26 | CVE-2023-51467 | Server-Side Request Forgery (SSRF) vulnerability in Apache Ofbiz | critical 9.8
The vulnerability permits attackers to circumvent authentication processes, enabling them to remotely execute arbitrary code.
network, low complexity, apache, CWE-918

2023-12-26 | CVE-2023-50968 | Server-Side Request Forgery (SSRF) vulnerability in Apache Ofbiz | 7.5
Arbitrary file properties reading vulnerability in Apache Software Foundation Apache OFBiz when a user operates a URI call without authorization. The same URI can be operated to carry out an SSRF attack, also without authorization. Users are recommended to upgrade to version 18.12.11, which fixes this issue.
network, low complexity, apache, CWE-918

2023-12-22 | CVE-2023-51451 | Server-Side Request Forgery (SSRF) vulnerability in Sentry Symbolicator 0.3.3/23.11.2 | 4.3
Symbolicator is a service used in Sentry.
network, low complexity, sentry, CWE-918