Vulnerabilities > Server-Side Request Forgery (SSRF)
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-08-13 | CVE-2024-41737 | Server-Side Request Forgery (SSRF) vulnerability in SAP CRM Abap Insights Management SAP CRM ABAP (Insights Management) allows an authenticated attacker to enumerate HTTP endpoints in the internal network by specially crafting HTTP requests. | 5.0 |
| 2024-08-12 | CVE-2024-41651 | Server-Side Request Forgery (SSRF) vulnerability in Prestashop An issue in Prestashop v.8.1.7 and before allows a remote attacker to execute arbitrary code via the module upgrade functionality. | 8.1 |
| 2024-08-12 | CVE-2024-39338 | Server-Side Request Forgery (SSRF) vulnerability in Axios 1.5.1 axios 1.7.2 allows SSRF via unexpected behavior where requests for path relative URLs get processed as protocol relative URLs. | 7.5 |
| 2024-08-12 | CVE-2024-41570 | Server-Side Request Forgery (SSRF) vulnerability in Havocframework Havoc An Unauthenticated Server-Side Request Forgery (SSRF) in demon callback handling in Havoc 2 0.7 allows attackers to send arbitrary network traffic originating from the team server. | 9.8 |
| 2024-08-06 | CVE-2024-38206 | Server-Side Request Forgery (SSRF) vulnerability in Microsoft Copilot Studio An authenticated attacker can bypass Server-Side Request Forgery (SSRF) protection in Microsoft Copilot Studio to leak sensitive information over a network. | 6.5 |
| 2024-08-05 | CVE-2024-42352 | Server-Side Request Forgery (SSRF) vulnerability in Nuxt Nuxt is a free and open-source framework to create full-stack web applications and websites with Vue.js. | 7.5 |
| 2024-08-05 | CVE-2024-39713 | Server-Side Request Forgery (SSRF) vulnerability in Rocket.Chat A Server-Side Request Forgery (SSRF) affects Rocket.Chat's Twilio webhook endpoint before version 6.10.1. | 8.6 |
| 2024-08-01 | CVE-2024-2090 | Server-Side Request Forgery (SSRF) vulnerability in Doublesharp Remote Content Shortcode The Remote Content Shortcode plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 1.5 via the remote_content shortcode. | 6.4 |
| 2024-08-01 | CVE-2024-7330 | Server-Side Request Forgery (SSRF) vulnerability in Youdiancms 7.0 A vulnerability has been found in YouDianCMS 7 and classified as critical. | 6.3 |
| 2024-07-30 | CVE-2024-41305 | Server-Side Request Forgery (SSRF) vulnerability in Wondercms 3.4.3 A Server-Side Request Forgery (SSRF) in the Plugins Page of WonderCMS v3.4.3 allows attackers to force the application to make arbitrary requests via injection of crafted URLs into the pluginThemeUrl parameter. | 4.7 |