Vulnerabilities > Server-Side Request Forgery (SSRF)
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-04-25 | CVE-2022-27429 | Server-Side Request Forgery (SSRF) vulnerability in Jizhicms 1.9.5 Jizhicms v1.9.5 was discovered to contain a Server-Side Request Forgery (SSRF) vulnerability via /admin.php/Plugins/update.html. | 9.8 |
| 2022-04-22 | CVE-2021-36203 | Server-Side Request Forgery (SSRF) vulnerability in Johnsoncontrols Metasys System Configuration Tool The affected product may allow an attacker to identify and forge requests to internal systems by way of a specially crafted request. | 9.1 |
| 2022-04-20 | CVE-2022-24862 | Server-Side Request Forgery (SSRF) vulnerability in Databasir Project Databasir 1.0.1 Databasir is a team-oriented relational database model document management platform. | 7.7 |
| 2022-04-20 | CVE-2022-24871 | Server-Side Request Forgery (SSRF) vulnerability in Shopware Shopware is an open commerce platform based on Symfony Framework and Vue. | 5.5 |
| 2022-04-19 | CVE-2022-24825 | Server-Side Request Forgery (SSRF) vulnerability in Stripe Smokescreen 0.0.2 Smokescreen is a simple HTTP proxy that fogs over naughty URLs. | 5.3 |
| 2022-04-19 | CVE-2022-29153 | Server-Side Request Forgery (SSRF) vulnerability in multiple products HashiCorp Consul and Consul Enterprise up to 1.9.16, 1.10.9, and 1.11.4 may allow server side request forgery when the Consul client agent follows redirects returned by HTTP health check endpoints. | 7.5 |
| 2022-04-15 | CVE-2022-27426 | Server-Side Request Forgery (SSRF) vulnerability in Chamilo LMS A Server-Side Request Forgery (SSRF) in Chamilo LMS v1.11.13 allows attackers to enumerate the internal network and execute arbitrary system commands via a crafted Phar file. | 8.8 |
| 2022-04-15 | CVE-2022-26499 | Server-Side Request Forgery (SSRF) vulnerability in multiple products An SSRF issue was discovered in Asterisk through 19.x. | 9.1 |
| 2022-04-08 | CVE-2022-22339 | Server-Side Request Forgery (SSRF) vulnerability in IBM Planning Analytics 2.0 IBM Planning Analytics 2.0 is vulnerable to server-side request forgery (SSRF). | 7.3 |
| 2022-04-07 | CVE-2021-36202 | Server-Side Request Forgery (SSRF) vulnerability in Johnsoncontrols products Server-Side Request Forgery (SSRF) vulnerability in Johnson Controls Metasys could allow an authenticated attacker to inject malicious code into the MUI PDF export feature. | 8.8 |