Vulnerabilities > Server-Side Request Forgery (SSRF)
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-07-19 | CVE-2021-31216 | Server-Side Request Forgery (SSRF) vulnerability in Siren Investigate Siren Investigate before 11.1.1 contains a server side request forgery (SSRF) defect in the built-in image proxy route (which is enabled by default). | 8.1 |
| 2021-07-15 | CVE-2021-29749 | Server-Side Request Forgery (SSRF) vulnerability in IBM products IBM Secure External Authentication Server 6.0.2 and IBM Secure Proxy 6.0.2 is vulnerable to server-side request forgery (SSRF). | 5.4 |
| 2021-07-14 | CVE-2021-33213 | Server-Side Request Forgery (SSRF) vulnerability in Element-It Http Commander 5.3.3 An SSRF vulnerability in the "Upload from URL" feature in Elements-IT HTTP Commander 5.3.3 allows remote authenticated users to retrieve HTTP and FTP files from the internal server network by inserting an internal address. | 6.5 |
| 2021-07-12 | CVE-2020-23079 | Server-Side Request Forgery (SSRF) vulnerability in Halo SSRF vulnerability in Halo <=1.3.2 exists in the SMTP configuration, which can detect the server intranet. | 7.5 |
| 2021-07-11 | CVE-2021-29102 | Server-Side Request Forgery (SSRF) vulnerability in Esri Arcgis Server A Server-Side Request Forgery (SSRF) vulnerability in ArcGIS Server Manager version 10.8.1 and below may allow a remote, unauthenticated attacker to forge GET requests to arbitrary URLs from the system, potentially leading to network enumeration or facilitating other attacks. | 9.1 |
| 2021-07-08 | CVE-2020-20582 | Server-Side Request Forgery (SSRF) vulnerability in Mipcms 5.0.1 A server side request forgery (SSRF) vulnerability in /ApiAdminDomainSettings.php of MipCMS 5.0.1 allows attackers to access sensitive information. | 7.5 |
| 2021-07-07 | CVE-2020-24141 | Server-Side Request Forgery (SSRF) vulnerability in Wp-Downloadmanager Project Wp-Downloadmanager 1.68.4 Server-side request forgery in the WP-DownloadManager plugin 1.68.4 for WordPress lets an attacker send crafted requests from the back-end server of a vulnerable web application via the file_remote parameter to download-add.php. | 5.3 |
| 2021-07-07 | CVE-2020-24142 | Server-Side Request Forgery (SSRF) vulnerability in Ninjateam Video Downloader for Tiktok 1.3 Server-side request forgery in the Video Downloader for TikTok (aka downloader-tiktok) plugin 1.3 for WordPress lets an attacker send crafted requests from the back-end server of a vulnerable web application via the njt-tk-download-video parameter. | 9.8 |
| 2021-07-07 | CVE-2020-24147 | Server-Side Request Forgery (SSRF) vulnerability in Xylusthemes WP Smart Import 1.0.0 Server-side request forgery (SSR) vulnerability in the WP Smart Import (wp-smart-import) plugin 1.0.0 for WordPress via the file field. | 9.1 |
| 2021-07-07 | CVE-2020-24148 | Server-Side Request Forgery (SSRF) vulnerability in Mooveagency Import XML and RSS Feeds 2.0.1 Server-side request forgery (SSRF) in the Import XML and RSS Feeds (import-xml-feed) plugin 2.0.1 for WordPress via the data parameter in a moove_read_xml action. | 9.1 |