Vulnerabilities > Server-Side Request Forgery (SSRF)
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-10-21 | CVE-2021-35512 | Server-Side Request Forgery (SSRF) vulnerability in Zohocorp Manageengine Applications Manager 15.2 An SSRF issue was discovered in Zoho ManageEngine Applications Manager build 15200. | 6.5 |
| 2021-10-21 | CVE-2021-41792 | Server-Side Request Forgery (SSRF) vulnerability in Alfresco products An issue was discovered in Hyland org.alfresco:alfresco-content-services through 6.2.2.18 and org.alfresco:alfresco-transform-services through 1.3. | 5.3 |
| 2021-10-20 | CVE-2021-25972 | Server-Side Request Forgery (SSRF) vulnerability in Tuzitio Camaleon CMS In Camaleon CMS, versions 2.1.2.0 to 2.6.0, are vulnerable to Server-Side Request Forgery (SSRF) in the media upload feature, which allows admin users to fetch media files from external URLs but fails to validate URLs referencing to localhost or other internal servers. | 4.9 |
| 2021-10-13 | CVE-2021-22033 | Server-Side Request Forgery (SSRF) vulnerability in VMWare products Releases prior to VMware vRealize Operations 8.6 contain a Server Side Request Forgery (SSRF) vulnerability. | 2.7 |
| 2021-10-07 | CVE-2021-42091 | Server-Side Request Forgery (SSRF) vulnerability in Zammad An issue was discovered in Zammad before 4.1.1. | 9.1 |
| 2021-10-07 | CVE-2021-22958 | Server-Side Request Forgery (SSRF) vulnerability in Concretecms Concrete CMS A Server-Side Request Forgery vulnerability was found in concrete5 < 8.5.5 that allowed a decimal notation encoded IP address to bypass the limitations in place for localhost allowing interaction with local services. | 9.8 |
| 2021-10-06 | CVE-2020-21649 | Server-Side Request Forgery (SSRF) vulnerability in Myucms Project Myucms 2.2 Myucms v2.2.1 contains a server-side request forgery (SSRF) in the component \controller\index.php, which can be exploited via the sql() method. | 8.1 |
| 2021-10-06 | CVE-2020-21653 | Server-Side Request Forgery (SSRF) vulnerability in Myucms Project Myucms 2.2 Myucms v2.2.1 contains a server-side request forgery (SSRF) in the component \controller\index.php, which can be exploited via the sj() method. | 9.1 |
| 2021-10-05 | CVE-2021-39867 | Server-Side Request Forgery (SSRF) vulnerability in Gitlab In all versions of GitLab CE/EE since version 8.15, a DNS rebinding vulnerability in Gitea Importer may be exploited by an attacker to trigger Server Side Request Forgery (SSRF) attacks. | 8.1 |
| 2021-10-05 | CVE-2021-39894 | Server-Side Request Forgery (SSRF) vulnerability in Gitlab In all versions of GitLab CE/EE since version 8.0, a DNS rebinding vulnerability exists in Fogbugz importer which may be used by attackers to exploit Server Side Request Forgery attacks. | 5.4 |