Vulnerabilities > Server-Side Request Forgery (SSRF)
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-10-06 | CVE-2020-21653 | Server-Side Request Forgery (SSRF) vulnerability in Myucms Project Myucms 2.2 Myucms v2.2.1 contains a server-side request forgery (SSRF) in the component \controller\index.php, which can be exploited via the sj() method. | 6.4 |
| 2021-10-05 | CVE-2021-39867 | Server-Side Request Forgery (SSRF) vulnerability in Gitlab In all versions of GitLab CE/EE since version 8.15, a DNS rebinding vulnerability in Gitea Importer may be exploited by an attacker to trigger Server Side Request Forgery (SSRF) attacks. | 5.5 |
| 2021-10-05 | CVE-2021-39894 | Server-Side Request Forgery (SSRF) vulnerability in Gitlab In all versions of GitLab CE/EE since version 8.0, a DNS rebinding vulnerability exists in Fogbugz importer which may be used by attackers to exploit Server Side Request Forgery attacks. | 5.5 |
| 2021-10-05 | CVE-2021-37223 | Server-Side Request Forgery (SSRF) vulnerability in Nagios XI Nagios Enterprises NagiosXI <= 5.8.4 contains a Server-Side Request Forgery (SSRF) vulnerability in schedulereport.php. | 4.0 |
| 2021-09-28 | CVE-2021-37104 | Server-Side Request Forgery (SSRF) vulnerability in Huawei P40 Firmware 10.1.0.118(C00E116R3P3) There is a server-side request forgery vulnerability in HUAWEI P40 versions 10.1.0.118(C00E116R3P3). | 5.0 |
| 2021-09-27 | CVE-2021-40109 | Server-Side Request Forgery (SSRF) vulnerability in Concretecms Concrete CMS A SSRF issue was discovered in Concrete CMS through 8.5.5. | 5.5 |
| 2021-09-27 | CVE-2021-41385 | Server-Side Request Forgery (SSRF) vulnerability in Securonix Snypr 6.3.1 The third party intelligence connector in Securonix SNYPR 6.3.1 Build 184295_0302 allows an authenticated user to obtain access to server configuration details via SSRF. | 4.0 |
| 2021-09-24 | CVE-2021-41586 | Server-Side Request Forgery (SSRF) vulnerability in Gradle In Gradle Enterprise before 2021.1.3, an attacker with the ability to perform SSRF attacks can potentially reset the system user password. | 5.0 |
| 2021-09-24 | CVE-2021-41587 | Server-Side Request Forgery (SSRF) vulnerability in Gradle In Gradle Enterprise before 2021.1.3, an attacker with the ability to perform SSRF attacks can potentially discover credentials for other resources. | 5.0 |
| 2021-09-23 | CVE-2020-24327 | Server-Side Request Forgery (SSRF) vulnerability in Discourse 2.3.2/2.6.0 Server Side Request Forgery (SSRF) vulnerability exists in Discourse 2.3.2 and 2.6 via the email function. | 5.0 |