Vulnerabilities > Server-Side Request Forgery (SSRF)
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-08-21 | CVE-2019-11897 | Server-Side Request Forgery (SSRF) vulnerability in Bosch IOT Gateway Software and Prosyst MBS SDK A Server-Side Request Forgery (SSRF) vulnerability in the backup & restore functionality in earlier versions than ProSyst mBS SDK 8.2.6 and Bosch IoT Gateway Software 9.3.0 allows a remote attacker to forge GET requests to arbitrary URLs. | 8.6 |
| 2019-08-14 | CVE-2019-0345 | Server-Side Request Forgery (SSRF) vulnerability in SAP Netweaver Application Server Java A remote unauthenticated attacker can abuse a web service in SAP NetWeaver Application Server for Java (Administrator System Overview), versions 7.30, 7.31, 7.40, 7.50, by sending a specially crafted XML file and trick the application server into leaking authentication credentials for its own SAP Management console, resulting in Server-Side Request Forgery. | 9.8 |
| 2019-08-08 | CVE-2019-12994 | Server-Side Request Forgery (SSRF) vulnerability in Zohocorp Manageengine Assetexplorer 6.2.0 Server Side Request Forgery (SSRF) exists in Zoho ManageEngine AssetExplorer version 6.2.0 for the AJaxServlet servlet via a parameter in a URL. | 9.1 |
| 2019-08-08 | CVE-2019-12959 | Server-Side Request Forgery (SSRF) vulnerability in Zohocorp Manageengine Assetexplorer Server Side Request Forgery (SSRF) exists in Zoho ManageEngine AssetExplorer 6.2.0 and before for the ClientUtilServlet servlet via a URL in a parameter. | 8.8 |
| 2019-08-08 | CVE-2019-14255 | Server-Side Request Forgery (SSRF) vulnerability in Go-Camo Project Go-Camo A Server Side Request Forgery (SSRF) vulnerability in go-camo up to version 1.1.4 allows a remote attacker to perform HTTP requests to internal endpoints. | 9.8 |
| 2019-08-06 | CVE-2019-14704 | Server-Side Request Forgery (SSRF) vulnerability in Microdigital products An SSRF issue was discovered in HTTPD on MicroDigital N-series cameras with firmware through 6400.0.8.5 via FTP commands following a newline character in the uploadfile field. | 9.8 |
| 2019-08-02 | CVE-2019-7923 | Server-Side Request Forgery (SSRF) vulnerability in Magento A server-side request forgery (SSRF) vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. | 7.2 |
| 2019-08-02 | CVE-2019-7913 | Server-Side Request Forgery (SSRF) vulnerability in Magento A server-side request forgery (SSRF) vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. | 7.2 |
| 2019-08-02 | CVE-2019-7911 | Server-Side Request Forgery (SSRF) vulnerability in Magento A server-side request forgery (SSRF) vulnerability exists in Magento Open Source prior to 1.9.4.2, and Magento Commerce prior to 1.14.4.2, Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. | 7.2 |
| 2019-08-02 | CVE-2019-7892 | Server-Side Request Forgery (SSRF) vulnerability in Magento A remote code execution vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. | 7.2 |