Vulnerabilities > Server-Side Request Forgery (SSRF)
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-08-13 | CVE-2024-7740 | Server-Side Request Forgery (SSRF) vulnerability in Ltcms 1.0.20 A vulnerability has been found in wanglongcn ltcms 1.0.20 and classified as critical. | 9.8 |
| 2024-08-13 | CVE-2024-38109 | Server-Side Request Forgery (SSRF) vulnerability in Microsoft Azure Health BOT An authenticated attacker can exploit an Server-Side Request Forgery (SSRF) vulnerability in Microsoft Azure Health Bot to elevate privileges over a network. | 8.8 |
| 2024-08-13 | CVE-2024-41737 | Server-Side Request Forgery (SSRF) vulnerability in SAP CRM Abap Insights Management SAP CRM ABAP (Insights Management) allows an authenticated attacker to enumerate HTTP endpoints in the internal network by specially crafting HTTP requests. | 5.0 |
| 2024-08-12 | CVE-2024-41651 | Server-Side Request Forgery (SSRF) vulnerability in Prestashop An issue in Prestashop v.8.1.7 and before allows a remote attacker to execute arbitrary code via the module upgrade functionality. | 8.1 |
| 2024-08-12 | CVE-2024-39338 | Server-Side Request Forgery (SSRF) vulnerability in Axios 1.5.1 axios 1.7.2 allows SSRF via unexpected behavior where requests for path relative URLs get processed as protocol relative URLs. | 7.5 |
| 2024-08-12 | CVE-2024-41570 | Server-Side Request Forgery (SSRF) vulnerability in Havocframework Havoc An Unauthenticated Server-Side Request Forgery (SSRF) in demon callback handling in Havoc 2 0.7 allows attackers to send arbitrary network traffic originating from the team server. | 9.8 |
| 2024-08-06 | CVE-2024-38206 | Server-Side Request Forgery (SSRF) vulnerability in Microsoft Copilot Studio An authenticated attacker can bypass Server-Side Request Forgery (SSRF) protection in Microsoft Copilot Studio to leak sensitive information over a network. | 6.5 |
| 2024-08-05 | CVE-2024-42352 | Server-Side Request Forgery (SSRF) vulnerability in Nuxt Nuxt is a free and open-source framework to create full-stack web applications and websites with Vue.js. | 7.5 |
| 2024-08-05 | CVE-2024-39713 | Server-Side Request Forgery (SSRF) vulnerability in Rocket.Chat A Server-Side Request Forgery (SSRF) affects Rocket.Chat's Twilio webhook endpoint before version 6.10.1. | 8.6 |
| 2024-08-01 | CVE-2024-2090 | Server-Side Request Forgery (SSRF) vulnerability in Doublesharp Remote Content Shortcode The Remote Content Shortcode plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 1.5 via the remote_content shortcode. | 6.4 |