Vulnerabilities > Server-Side Request Forgery (SSRF)
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-05-01 | CVE-2022-25850 | Server-Side Request Forgery (SSRF) vulnerability in Proxyscotch Project Proxyscotch The package github.com/hoppscotch/proxyscotch before 1.0.0 are vulnerable to Server-side Request Forgery (SSRF) when interceptor mode is set to proxy. | 7.5 |
| 2022-04-28 | CVE-2022-24449 | Server-Side Request Forgery (SSRF) vulnerability in Rt-Solar Solar Appscreener 3.10.4 Solar appScreener through 3.10.4, when a valid license is not present, allows XXE and SSRF attacks via a crafted XML document. | 9.8 |
| 2022-04-28 | CVE-2022-29556 | Server-Side Request Forgery (SSRF) vulnerability in Northern.Tech Mender 3.2.0/3.2.1 The iot-manager microservice 1.0.0 in Northern.tech Mender Enterprise before 3.2.2 allows SSRF because the Azure IoT Hub integration provides several SSRF primitives that can execute cross-tenant actions via internal API endpoints. | 9.8 |
| 2022-04-28 | CVE-2022-28117 | Server-Side Request Forgery (SSRF) vulnerability in Naviwebs Navigate CMS 2.9.4 A Server-Side Request Forgery (SSRF) in feed_parser class of Navigate CMS v2.9.4 allows remote attackers to force the application to make arbitrary requests via injection of arbitrary URLs into the feed parameter. | 4.9 |
| 2022-04-26 | CVE-2022-27469 | Server-Side Request Forgery (SSRF) vulnerability in Monstaftp Monsta FTP 2.10.3 Monstaftp v2.10.3 was discovered to allow attackers to execute Server-Side Request Forgery (SSRF). | 9.8 |
| 2022-04-25 | CVE-2022-27311 | Server-Side Request Forgery (SSRF) vulnerability in Gibbon Project Gibbon Gibbon v3.4.4 and below allows attackers to execute a Server-Side Request Forgery (SSRF) via a crafted URL. | 9.8 |
| 2022-04-25 | CVE-2022-27429 | Server-Side Request Forgery (SSRF) vulnerability in Jizhicms 1.9.5 Jizhicms v1.9.5 was discovered to contain a Server-Side Request Forgery (SSRF) vulnerability via /admin.php/Plugins/update.html. | 9.8 |
| 2022-04-22 | CVE-2021-36203 | Server-Side Request Forgery (SSRF) vulnerability in Johnsoncontrols Metasys System Configuration Tool The affected product may allow an attacker to identify and forge requests to internal systems by way of a specially crafted request. | 9.1 |
| 2022-04-20 | CVE-2022-24862 | Server-Side Request Forgery (SSRF) vulnerability in Databasir Project Databasir 1.0.1 Databasir is a team-oriented relational database model document management platform. | 7.7 |
| 2022-04-20 | CVE-2022-24871 | Server-Side Request Forgery (SSRF) vulnerability in Shopware Shopware is an open commerce platform based on Symfony Framework and Vue. | 5.5 |