Vulnerabilities > Server-Side Request Forgery (SSRF)
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-06-09 | CVE-2022-24969 | Server-Side Request Forgery (SSRF) vulnerability in Apache Dubbo bypass CVE-2021-25640: In Apache Dubbo prior to 2.6.12 and 2.7.15, the usage of parseURL method will lead to the bypass of the white host check which can cause open redirect or SSRF vulnerability. | 6.1 |
2022-06-09 | CVE-2022-31386 | Server-Side Request Forgery (SSRF) vulnerability in Nbnbk Project Nbnbk 3: A Server-Side Request Forgery (SSRF) in the getFileBinary function of nbnbk cms 3 allows attackers to force the application to make arbitrary requests via injection of arbitrary URLs into the URL parameter. | 9.1 |
2022-06-09 | CVE-2022-31390 | Server-Side Request Forgery (SSRF) vulnerability in Jizhicms 2.2.5: Jizhicms v2.2.5 was discovered to contain a Server-Side Request Forgery (SSRF) vulnerability via the Update function in app/admin/c/TemplateController.php. | 9.1 |
2022-06-09 | CVE-2022-31393 | Server-Side Request Forgery (SSRF) vulnerability in Jizhicms 2.2.5: Jizhicms v2.2.5 was discovered to contain a Server-Side Request Forgery (SSRF) vulnerability via the Index function in app/admin/c/PluginsController.php. | 9.1 |
2022-06-09 | CVE-2022-31827 | Server-Side Request Forgery (SSRF) vulnerability in Monstaftp 2.10.3: MonstaFTP v2.10.3 was discovered to contain a Server-Side Request Forgery (SSRF) via the function performFetchRequest at HTTPFetcher.php. | 9.1 |
2022-06-09 | CVE-2022-31830 | Server-Side Request Forgery (SSRF) vulnerability in Baidu Kity Minder 1.3.5: Kity Minder v1.3.5 was discovered to contain a Server-Side Request Forgery (SSRF) via the init function at ImageCapture.class.php. | 9.1 |
2022-06-02 | CVE-2021-40186 | Server-Side Request Forgery (SSRF) vulnerability in Dnnsoftware Dotnetnuke: The AppCheck research team identified a Server-Side Request Forgery (SSRF) vulnerability within the DNN CMS platform, formerly known as DotNetNuke. | 7.5 |
2022-06-02 | CVE-2022-27780 | Server-Side Request Forgery (SSRF) vulnerability in multiple products: The curl URL parser wrongly accepts percent-encoded URL separators like '/' when decoding the host name part of a URL, making it a *different* URL using the wrong host name when it is later retrieved. For example, a URL like `http://example.com%2F127.0.0.1/` would be allowed by the parser and get transposed into `http://example.com/127.0.0.1/`. | 7.5 |
2022-06-01 | CVE-2022-1285 | Server-Side Request Forgery (SSRF) vulnerability in Gogs: Server-Side Request Forgery (SSRF) in GitHub repository gogs/gogs prior to 0.12.8. | 6.5 |
2022-05-25 | CVE-2022-1815 | Server-Side Request Forgery (SSRF) vulnerability in Diagrams Drawio: Exposure of Sensitive Information to an Unauthorized Actor in GitHub repository jgraph/drawio prior to 18.1.2. | 7.5 |