Vulnerabilities > Server-Side Request Forgery (SSRF)
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-09-05 | CVE-2019-12633 | Server-Side Request Forgery (SSRF) vulnerability in Cisco Unified Contact Center Express A vulnerability in Cisco Unified Contact Center Express (Unified CCX) could allow an unauthenticated, remote attacker to bypass access controls and conduct a server-side request forgery (SSRF) attack on a targeted system. | 7.5 |
| 2019-09-05 | CVE-2019-12632 | Server-Side Request Forgery (SSRF) vulnerability in Cisco Finesse 11.6(1)/12.0(1)/12.5(1) A vulnerability in Cisco Finesse could allow an unauthenticated, remote attacker to bypass access controls and conduct a server-side request forgery (SSRF) attack on an affected system. | 7.5 |
| 2019-08-26 | CVE-2019-13020 | Server-Side Request Forgery (SSRF) vulnerability in Trms Tightrope Media Carousel The fetch API in Tightrope Media Carousel before 7.1.3 has CarouselAPI/v0/fetch?url= SSRF. | 10.0 |
| 2019-08-23 | CVE-2019-15494 | Server-Side Request Forgery (SSRF) vulnerability in It-Novum Openitcockpit openITCOCKPIT before 3.7.1 allows SSRF, aka RVID 5-445b21. | 9.8 |
| 2019-08-22 | CVE-2016-10927 | Server-Side Request Forgery (SSRF) vulnerability in Neliosoftware Nelio AB Testing The nelio-ab-testing plugin before 4.5.11 for WordPress has SSRF in ajax/iesupport.php. | 10.0 |
| 2019-08-22 | CVE-2016-10926 | Server-Side Request Forgery (SSRF) vulnerability in Neliosoftware Nelio AB Testing The nelio-ab-testing plugin before 4.5.9 for WordPress has SSRF in ajax/iesupport.php. | 10.0 |
| 2019-08-21 | CVE-2019-11897 | Server-Side Request Forgery (SSRF) vulnerability in Bosch IOT Gateway Software and Prosyst MBS SDK A Server-Side Request Forgery (SSRF) vulnerability in the backup & restore functionality in earlier versions than ProSyst mBS SDK 8.2.6 and Bosch IoT Gateway Software 9.3.0 allows a remote attacker to forge GET requests to arbitrary URLs. | 8.6 |
| 2019-08-14 | CVE-2019-0345 | Server-Side Request Forgery (SSRF) vulnerability in SAP Netweaver Application Server Java A remote unauthenticated attacker can abuse a web service in SAP NetWeaver Application Server for Java (Administrator System Overview), versions 7.30, 7.31, 7.40, 7.50, by sending a specially crafted XML file and trick the application server into leaking authentication credentials for its own SAP Management console, resulting in Server-Side Request Forgery. | 9.8 |
| 2019-08-08 | CVE-2019-12994 | Server-Side Request Forgery (SSRF) vulnerability in Zohocorp Manageengine Assetexplorer 6.2.0 Server Side Request Forgery (SSRF) exists in Zoho ManageEngine AssetExplorer version 6.2.0 for the AJaxServlet servlet via a parameter in a URL. | 9.1 |
| 2019-08-08 | CVE-2019-12959 | Server-Side Request Forgery (SSRF) vulnerability in Zohocorp Manageengine Assetexplorer Server Side Request Forgery (SSRF) exists in Zoho ManageEngine AssetExplorer 6.2.0 and before for the ClientUtilServlet servlet via a URL in a parameter. | 8.8 |