Vulnerabilities > Server-Side Request Forgery (SSRF)

DATE	CVE	VULNERABILITY TITLE	RISK
2024-06-10	CVE-2024-36414	Server-Side Request Forgery (SSRF) vulnerability in Salesagility Suitecrm SuiteCRM is an open-source Customer Relationship Management (CRM) software application. network low complexity salesagility CWE-918	6.5
2024-06-06	CVE-2024-5186	Server-Side Request Forgery (SSRF) vulnerability in Zylon Privategpt 0.5.0 A Server-Side Request Forgery (SSRF) vulnerability exists in the file upload section of imartinez/privategpt version 0.5.0. network low complexity zylon CWE-918	8.6
2024-06-06	CVE-2024-4177	Server-Side Request Forgery (SSRF) vulnerability in Bitdefender Gravityzone A host whitelist parser issue in the proxy service implemented in the GravityZone Update Server allows an attacker to cause a server-side request forgery. network low complexity bitdefender CWE-918 critical	9.8
2024-06-05	CVE-2024-20404	Server-Side Request Forgery (SSRF) vulnerability in Cisco Finesse A vulnerability in the web-based management interface of Cisco Finesse could allow an unauthenticated, remote attacker to conduct an SSRF attack on an affected system. This vulnerability is due to insufficient validation of user-supplied input for specific HTTP requests that are sent to an affected system. network low complexity cisco CWE-918	5.3
2024-06-05	CVE-2024-5526	Server-Side Request Forgery (SSRF) vulnerability in Grafana Oncall Grafana OnCall is an easy-to-use on-call management tool that will help reduce toil in on-call management through simpler workflows and interfaces that are tailored specifically for engineers. Grafana OnCall, from version 1.1.37 before 1.5.2 are vulnerable to a Server Side Request Forgery (SSRF) vulnerability in the webhook functionallity. network low complexity grafana CWE-918 critical	9.1
2024-06-04	CVE-2024-36675	Server-Side Request Forgery (SSRF) vulnerability in Lylme Spage 1.9.5 LyLme_spage v1.9.5 is vulnerable to Server-Side Request Forgery (SSRF) via the get_head function. network low complexity lylme CWE-918 critical	9.1
2024-06-04	CVE-2024-4219	Server-Side Request Forgery (SSRF) vulnerability in Beyondtrust Beyondinsight 23.1 Prior to 23.2, it is possible to perform arbitrary Server-Side requests via HTTP-based connectors within BeyondInsight, resulting in a server-side request forgery vulnerability. network low complexity beyondtrust CWE-918 critical	9.1
2024-05-22	CVE-2024-5031	Server-Side Request Forgery (SSRF) vulnerability in Caseproof Memberpress The Memberpress plugin for WordPress is vulnerable to Blind Server-Side Request Forgery in all versions up to, and including, 1.11.29 via the 'mepr-user-file' shortcode. network low complexity caseproof CWE-918	6.4
2024-05-15	CVE-2024-3485	Server-Side Request Forgery (SSRF) vulnerability in Microfocus Imanager Server Side Request Forgery vulnerability has been discovered in OpenText™ iManager 3.2.6.0200. network low complexity microfocus CWE-918	7.5
2024-05-15	CVE-2024-3970	Server-Side Request Forgery (SSRF) vulnerability in Microfocus Imanager Server Side Request Forgery vulnerability has been discovered in OpenText™ iManager 3.2.6.0200. network low complexity microfocus CWE-918	7.5