Vulnerabilities > Server-Side Request Forgery (SSRF)
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-05-15 | CVE-2022-30049 | Server-Side Request Forgery (SSRF) vulnerability in Ruifang-Tech Rebuild 2.8.3 A Server-Side Request Forgery (SSRF) in Rebuild v2.8.3 allows attackers to obtain the real IP address and scan Intranet information via the fileurl parameter. | 7.5 |
| 2022-05-14 | CVE-2022-1379 | Server-Side Request Forgery (SSRF) vulnerability in multiple products URL Restriction Bypass in GitHub repository plantuml/plantuml prior to V1.2022.5. | 9.1 |
| 2022-05-13 | CVE-2020-22983 | Server-Side Request Forgery (SSRF) vulnerability in Microstrategy web A Server-Side Request Forgery (SSRF) vulnerability exists in MicroStrategy Web SDK 11.1 and earlier, allows remote unauthenticated attackers to conduct a server-side request forgery (SSRF) attack via the srcURL parameter to the shortURL task. | 8.1 |
| 2022-05-11 | CVE-2022-29847 | Server-Side Request Forgery (SSRF) vulnerability in Progress Whatsup Gold 21.1.0/21.1.1/22.0.0 In Progress Ipswitch WhatsUp Gold 21.0.0 through 21.1.1, and 22.0.0, it is possible for an unauthenticated attacker to invoke an API transaction that would allow them to relay encrypted WhatsUp Gold user credentials to an arbitrary host. | 7.5 |
| 2022-05-11 | CVE-2022-29848 | Server-Side Request Forgery (SSRF) vulnerability in Progress Whatsup Gold In Progress Ipswitch WhatsUp Gold 17.0.0 through 21.1.1, and 22.0.0, it is possible for an authenticated user to invoke an API transaction that would allow them to read sensitive operating-system attributes from a host that is accessible by the WhatsUp Gold system. | 6.5 |
| 2022-05-07 | CVE-2022-29180 | Server-Side Request Forgery (SSRF) vulnerability in Charm A vulnerability in which attackers could forge HTTP requests to manipulate the `charm` data directory to access or delete anything on the server. | 9.8 |
| 2022-05-05 | CVE-2022-1592 | Server-Side Request Forgery (SSRF) vulnerability in Clinical-Genomics Scout Server-Side Request Forgery in scout in GitHub repository clinical-genomics/scout prior to v4.42. | 8.2 |
| 2022-05-04 | CVE-2022-29942 | Server-Side Request Forgery (SSRF) vulnerability in Talend Administration Center 7.2.0/7.3.0/8.0.0 Talend Administration Center has a vulnerability that allows an authenticated user to use the Service Registry 'Add' functionality to perform SSRF HTTP GET requests on URLs in the internal network. | 6.5 |
| 2022-05-04 | CVE-2022-28090 | Server-Side Request Forgery (SSRF) vulnerability in Ujcms Jspxcms 10.2.0 Jspxcms v10.2.0 allows attackers to execute a Server-Side Request Forgery (SSRF) via /cmscp/ext/collect/fetch_url.do?url=. | 6.5 |
| 2022-05-02 | CVE-2021-40822 | Server-Side Request Forgery (SSRF) vulnerability in Osgeo Geoserver GeoServer through 2.18.5 and 2.19.x through 2.19.2 allows SSRF via the option for setting a proxy host. | 7.5 |