Vulnerabilities > Server-Side Request Forgery (SSRF)
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-03-20 | CVE-2019-11574 | Server-Side Request Forgery (SSRF) vulnerability in Simplemachines Simple Machine Forum An issue was discovered in Simple Machines Forum (SMF) before release 2.0.17. | 9.8 |
| 2020-03-20 | CVE-2020-8138 | Server-Side Request Forgery (SSRF) vulnerability in Nextcloud Server A missing check for IPv4 nested inside IPv6 in Nextcloud server < 17.0.1, < 16.0.7, and < 15.0.14 allowed a Server-Side Request Forgery (SSRF) vulnerability when subscribing to a malicious calendar URL. | 6.5 |
| 2020-03-20 | CVE-2020-8135 | Server-Side Request Forgery (SSRF) vulnerability in Uppy 1.9.1/1.9.2 The uppy npm package < 1.9.3 is vulnerable to a Server-Side Request Forgery (SSRF) vulnerability, which allows an attacker to scan local or external network or otherwise interact with internal systems. | 9.8 |
| 2020-03-20 | CVE-2020-8134 | Server-Side Request Forgery (SSRF) vulnerability in Ghost Server-side request forgery (SSRF) vulnerability in Ghost CMS < 3.10.0 allows an attacker to scan local or external network or otherwise interact with internal systems. | 8.1 |
| 2020-03-13 | CVE-2020-10077 | Server-Side Request Forgery (SSRF) vulnerability in Gitlab GitLab EE 3.0 through 12.8.1 allows SSRF. | 9.8 |
| 2020-03-11 | CVE-2020-8540 | Server-Side Request Forgery (SSRF) vulnerability in Zohocorp Manageengine Desktop Central An XML external entity (XXE) vulnerability in Zoho ManageEngine Desktop Central before the 07-Mar-2020 update allows remote unauthenticated users to read arbitrary files or conduct server-side request forgery (SSRF) attacks via a crafted DTD in an XML request. | 9.8 |
| 2020-03-10 | CVE-2019-13121 | Server-Side Request Forgery (SSRF) vulnerability in Gitlab An issue was discovered in GitLab Enterprise Edition 10.6 through 12.0.2. | 7.5 |
| 2020-03-10 | CVE-2019-12443 | Server-Side Request Forgery (SSRF) vulnerability in Gitlab An issue was discovered in GitLab Community and Enterprise Edition 10.2 through 11.11. | 9.8 |
| 2020-03-07 | CVE-2020-10212 | Server-Side Request Forgery (SSRF) vulnerability in Tecrail Responsive Filemanager 9.13.4/9.14.0 upload.php in Responsive FileManager 9.13.4 and 9.14.0 allows SSRF via the url parameter because file-extension blocking is mishandled and because it is possible for a DNS hostname to resolve to an internal IP address. | 9.8 |
| 2020-02-21 | CVE-2019-18846 | Server-Side Request Forgery (SSRF) vulnerability in Open-Xchange Appsuite OX App Suite through 7.10.2 allows SSRF. | 5.0 |