Vulnerabilities > Server-Side Request Forgery (SSRF)
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-01-23 | CVE-2023-38626 | Server-Side Request Forgery (SSRF) vulnerability in Trendmicro Apex Central 2019 A post-authenticated server-side request forgery (SSRF) vulnerability in Trend Micro Apex Central 2019 (lower than build 6481) could allow an attacker to interact with internal or local services directly. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This is a similar, but not identical vulnerability as CVE-2023-38625. | 5.4 |
| 2024-01-23 | CVE-2023-38627 | Server-Side Request Forgery (SSRF) vulnerability in Trendmicro Apex Central 2019 A post-authenticated server-side request forgery (SSRF) vulnerability in Trend Micro Apex Central 2019 (lower than build 6481) could allow an attacker to interact with internal or local services directly. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This is a similar, but not identical vulnerability as CVE-2023-38626. | 5.4 |
| 2024-01-23 | CVE-2023-52331 | Server-Side Request Forgery (SSRF) vulnerability in Trendmicro Apex Central 2019 A post-authenticated server-side request forgery (SSRF) vulnerability in Trend Micro Apex Central could allow an attacker to interact with internal or local services directly. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. | 7.1 |
| 2024-01-19 | CVE-2023-32337 | Server-Side Request Forgery (SSRF) vulnerability in IBM Maximo Application Suite and Maximo Asset Management IBM Maximo Spatial Asset Management 8.10 is vulnerable to server-side request forgery (SSRF). | 5.4 |
| 2024-01-16 | CVE-2024-0601 | Server-Side Request Forgery (SSRF) vulnerability in Zhongfucheng3Y Austin 1.0 A vulnerability was found in ZhongFuCheng3y Austin 1.0. | 6.5 |
| 2024-01-15 | CVE-2023-6991 | Server-Side Request Forgery (SSRF) vulnerability in Surniaulula JSM File GET Contents() Shortcode 2.7.0 The JSM file_get_contents() Shortcode WordPress plugin before 2.7.1 does not validate one of its shortcode's parameters before making a request to it, which could allow users with contributor role and above to perform SSRF attacks. | 8.8 |
| 2024-01-13 | CVE-2024-0510 | Server-Side Request Forgery (SSRF) vulnerability in Haokekeji Yiqiniu 3.1 A vulnerability, which was classified as critical, has been found in HaoKeKeJi YiQiNiu up to 3.1. | 9.8 |
| 2024-01-13 | CVE-2023-51804 | Server-Side Request Forgery (SSRF) vulnerability in Rymcu Forest 0.02 An issue in rymcu forest v.0.02 allows a remote attacker to obtain sensitive information via manipulation of the HTTP body URL in the com.rymcu.forest.web.api.common.UploadController file. | 7.5 |
| 2024-01-10 | CVE-2023-49471 | Server-Side Request Forgery (SSRF) vulnerability in Barassistant BAR Assistant Blind Server-Side Request Forgery (SSRF) vulnerability in karlomikus Bar Assistant before version 3.2.0 does not validate a parameter before making a request through Image::make(), which could allow authenticated remote attackers to execute arbitrary code. | 8.8 |
| 2024-01-08 | CVE-2024-0303 | Server-Side Request Forgery (SSRF) vulnerability in Youke365 Youke 365 1.5.0/1.5.3 A vulnerability, which was classified as critical, was found in Youke365 up to 1.5.3. | 9.8 |