Vulnerabilities > Server-Side Request Forgery (SSRF)
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-10-13 | CVE-2022-41495 | Server-Side Request Forgery (SSRF) vulnerability in Clippercms 1.3.3 ClipperCMS 1.3.3 was discovered to contain a Server-Side Request Forgery (SSRF) via the rss_url_news parameter at /manager/index.php. | 9.8 |
| 2022-10-13 | CVE-2022-41496 | Server-Side Request Forgery (SSRF) vulnerability in Idreamsoft Icms 7.0.16 iCMS v7.0.16 was discovered to contain a Server-Side Request Forgery (SSRF) via the url parameter at admincp.php. | 9.8 |
| 2022-10-13 | CVE-2022-41497 | Server-Side Request Forgery (SSRF) vulnerability in Clippercms 1.3.3 ClipperCMS 1.3.3 was discovered to contain a Server-Side Request Forgery (SSRF) via the pkg_url parameter at /manager/index.php. | 9.8 |
| 2022-10-03 | CVE-2022-36551 | Server-Side Request Forgery (SSRF) vulnerability in Heartex Label Studio A Server Side Request Forgery (SSRF) in the Data Import module in Heartex - Label Studio Community Edition versions 1.5.0 and earlier allows an authenticated user to access arbitrary files on the system. | 6.5 |
| 2022-09-28 | CVE-2022-35282 | Server-Side Request Forgery (SSRF) vulnerability in IBM Websphere Application Server IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to server-side request forgery (SSRF). | 6.5 |
| 2022-09-20 | CVE-2022-40357 | Server-Side Request Forgery (SSRF) vulnerability in Zblogcn Z-Blogphp A security issue was discovered in Z-BlogPHP <= 1.7.2. | 9.8 |
| 2022-09-20 | CVE-2022-38931 | Server-Side Request Forgery (SSRF) vulnerability in Baijiacms Project Baijiacms 4.1.4 A Server-Side Request Forgery (SSRF) in fetch_net_file_upload function of baijiacmsV4 v4.1.4 allows remote attackers to force the application to make arbitrary requests via injection of arbitrary URLs into the url parameter. | 8.8 |
| 2022-09-20 | CVE-2022-30579 | Server-Side Request Forgery (SSRF) vulnerability in Tibco Spotfire Analytics Platform and Spotfire Server The Web Player component of TIBCO Software Inc.'s TIBCO Spotfire Analytics Platform for AWS Marketplace and TIBCO Spotfire Server contains a difficult to exploit vulnerability that allows a low privileged attacker with network access to execute blind Server Side Request Forgery (SSRF) on the affected system. | 8.4 |
| 2022-09-16 | CVE-2022-2912 | Server-Side Request Forgery (SSRF) vulnerability in Craw-Data Project Craw-Data The Craw Data WordPress plugin through 1.0.0 does not implement nonce checks, which could allow attackers to make a logged in admin change the url value performing unwanted crawls on third-party sites (SSRF). | 4.3 |
| 2022-09-14 | CVE-2022-2900 | Server-Side Request Forgery (SSRF) vulnerability in Parse-Url Project Parse-Url Server-Side Request Forgery (SSRF) in GitHub repository ionicabizau/parse-url prior to 8.1.0. | 9.1 |