Vulnerabilities > Server-Side Request Forgery (SSRF)
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-01-17 | CVE-2024-0649 | Server-Side Request Forgery (SSRF) vulnerability in Zhiyun-Tech Zhihuiyun A vulnerability was found in ZhiHuiYun up to 4.4.13 and classified as critical. | 9.8 |
| 2024-01-16 | CVE-2024-22408 | Server-Side Request Forgery (SSRF) vulnerability in Shopware Shopware is an open headless commerce platform. | 8.1 |
| 2024-01-16 | CVE-2024-0601 | Server-Side Request Forgery (SSRF) vulnerability in Zhongfucheng3Y Austin 1.0 A vulnerability was found in ZhongFuCheng3y Austin 1.0. | 6.5 |
| 2024-01-15 | CVE-2023-6991 | Server-Side Request Forgery (SSRF) vulnerability in Surniaulula JSM File GET Contents() Shortcode The JSM file_get_contents() Shortcode WordPress plugin before 2.7.1 does not validate one of its shortcode's parameters before making a request to it, which could allow users with contributor role and above to perform SSRF attacks. | 8.8 |
| 2024-01-13 | CVE-2024-0510 | Server-Side Request Forgery (SSRF) vulnerability in Haokekeji Yiqiniu 3.1 A vulnerability, which was classified as critical, has been found in HaoKeKeJi YiQiNiu up to 3.1. | 9.8 |
| 2024-01-13 | CVE-2023-51804 | Server-Side Request Forgery (SSRF) vulnerability in Rymcu Forest 0.02 An issue in rymcu forest v.0.02 allows a remote attacker to obtain sensitive information via manipulation of the HTTP body URL in the com.rymcu.forest.web.api.common.UploadController file. | 7.5 |
| 2024-01-10 | CVE-2023-49471 | Server-Side Request Forgery (SSRF) vulnerability in Barassistant BAR Assistant Blind Server-Side Request Forgery (SSRF) vulnerability in karlomikus Bar Assistant before version 3.2.0 does not validate a parameter before making a request through Image::make(), which could allow authenticated remote attackers to execute arbitrary code. | 8.8 |
| 2024-01-08 | CVE-2024-0308 | Server-Side Request Forgery (SSRF) vulnerability in Inis Project Inis 2.0.0/2.0.1 A vulnerability was found in Inis up to 2.0.1. | 8.8 |
| 2024-01-08 | CVE-2024-0303 | Server-Side Request Forgery (SSRF) vulnerability in Youke365 Youke 365 1.5.0/1.5.3 A vulnerability, which was classified as critical, was found in Youke365 up to 1.5.3. | 9.8 |
| 2024-01-08 | CVE-2024-0304 | Server-Side Request Forgery (SSRF) vulnerability in Youke365 Youke 365 1.5.0/1.5.3 A vulnerability has been found in Youke365 up to 1.5.3 and classified as critical. | 9.8 |