Vulnerabilities > Server-Side Request Forgery (SSRF)
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-06-05 | CVE-2024-20404 | Server-Side Request Forgery (SSRF) vulnerability in Cisco Finesse A vulnerability in the web-based management interface of Cisco Finesse could allow an unauthenticated, remote attacker to conduct an SSRF attack on an affected system. This vulnerability is due to insufficient validation of user-supplied input for specific HTTP requests that are sent to an affected system. | 5.3 |
| 2024-06-05 | CVE-2024-5526 | Server-Side Request Forgery (SSRF) vulnerability in Grafana Oncall Grafana OnCall is an easy-to-use on-call management tool that will help reduce toil in on-call management through simpler workflows and interfaces that are tailored specifically for engineers. Grafana OnCall, from version 1.1.37 before 1.5.2 are vulnerable to a Server Side Request Forgery (SSRF) vulnerability in the webhook functionallity. | 9.1 |
| 2024-06-04 | CVE-2024-36675 | Server-Side Request Forgery (SSRF) vulnerability in Lylme Spage 1.9.5 LyLme_spage v1.9.5 is vulnerable to Server-Side Request Forgery (SSRF) via the get_head function. | 9.1 |
| 2024-06-04 | CVE-2024-4219 | Server-Side Request Forgery (SSRF) vulnerability in Beyondtrust Beyondinsight 23.1 Prior to 23.2, it is possible to perform arbitrary Server-Side requests via HTTP-based connectors within BeyondInsight, resulting in a server-side request forgery vulnerability. | 9.1 |
| 2024-05-22 | CVE-2024-5031 | Server-Side Request Forgery (SSRF) vulnerability in Caseproof Memberpress The Memberpress plugin for WordPress is vulnerable to Blind Server-Side Request Forgery in all versions up to, and including, 1.11.29 via the 'mepr-user-file' shortcode. | 6.4 |
| 2024-05-15 | CVE-2024-3485 | Server-Side Request Forgery (SSRF) vulnerability in Microfocus Imanager Server Side Request Forgery vulnerability has been discovered in OpenText™ iManager 3.2.6.0200. | 7.5 |
| 2024-05-15 | CVE-2024-3970 | Server-Side Request Forgery (SSRF) vulnerability in Microfocus Imanager Server Side Request Forgery vulnerability has been discovered in OpenText™ iManager 3.2.6.0200. | 7.5 |
| 2024-05-14 | CVE-2024-4561 | Server-Side Request Forgery (SSRF) vulnerability in Progress Whatsup Gold In WhatsUp Gold versions released before 2023.1.2 , a blind SSRF vulnerability exists in Whatsup Gold's FaviconController that allows an attacker to send arbitrary HTTP requests on behalf of the vulnerable server. | 5.3 |
| 2024-05-14 | CVE-2024-4562 | Server-Side Request Forgery (SSRF) vulnerability in Progress Whatsup Gold In WhatsUp Gold versions released before 2023.1.2 , an SSRF vulnerability exists in Whatsup Gold's Issue exists in the HTTP Monitoring functionality. Due to the lack of proper authorization, any authenticated user can access the HTTP monitoring functionality, what leads to the Server Side Request Forgery. | 5.4 |
| 2024-05-03 | CVE-2024-34068 | Server-Side Request Forgery (SSRF) vulnerability in Pterodactyl Wings Pterodactyl wings is the server control plane for Pterodactyl Panel. | 6.4 |