Vulnerabilities > Server-Side Request Forgery (SSRF)
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-08-01 | CVE-2024-7330 | Server-Side Request Forgery (SSRF) vulnerability in Youdiancms 7.0 A vulnerability has been found in YouDianCMS 7 and classified as critical. | 6.3 |
| 2024-07-30 | CVE-2024-41305 | Server-Side Request Forgery (SSRF) vulnerability in Wondercms 3.4.3 A Server-Side Request Forgery (SSRF) in the Plugins Page of WonderCMS v3.4.3 allows attackers to force the application to make arbitrary requests via injection of crafted URLs into the pluginThemeUrl parameter. | 4.7 |
| 2024-07-26 | CVE-2024-41118 | Server-Side Request Forgery (SSRF) vulnerability in Opengeos Streamlit-Geospatial streamlit-geospatial is a streamlit multipage app for geospatial applications. | 9.8 |
| 2024-07-26 | CVE-2024-41120 | Server-Side Request Forgery (SSRF) vulnerability in Opengeos Streamlit-Geospatial streamlit-geospatial is a streamlit multipage app for geospatial applications. | 9.8 |
| 2024-07-26 | CVE-2024-41812 | Server-Side Request Forgery (SSRF) vulnerability in Txtdot txtdot is an HTTP proxy that parses only text, links, and pictures from pages, removing ads and heavy scripts. | 7.5 |
| 2024-07-26 | CVE-2024-41813 | Server-Side Request Forgery (SSRF) vulnerability in Txtdot txtdot is an HTTP proxy that parses only text, links, and pictures from pages, removing ads and heavy scripts. | 7.5 |
| 2024-07-12 | CVE-2024-40543 | Server-Side Request Forgery (SSRF) vulnerability in Publiccms PublicCMS v4.0.202302.e was discovered to contain a Server-Side Request Forgery (SSRF) via the component /admin/ueditor?action=catchimage. | 8.8 |
| 2024-07-12 | CVE-2024-40544 | Server-Side Request Forgery (SSRF) vulnerability in Publiccms PublicCMS v4.0.202302.e was discovered to contain a Server-Side Request Forgery (SSRF) via the component /admin/#maintenance_sysTask/edit. | 8.8 |
| 2024-07-09 | CVE-2024-34689 | Server-Side Request Forgery (SSRF) vulnerability in SAP Business Workflow and SAP Basis WebFlow Services of SAP Business Workflow allows an authenticated attacker to enumerate accessible HTTP endpoints in the internal network by specially crafting HTTP requests. | 5.0 |
| 2024-07-08 | CVE-2024-39699 | Server-Side Request Forgery (SSRF) vulnerability in Monospace Directus Directus is a real-time API and App dashboard for managing SQL database content. | 5.0 |