Vulnerabilities > Server-Side Request Forgery (SSRF)
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-07-20 | CVE-2018-5006 | Server-Side Request Forgery (SSRF) vulnerability in Adobe Experience Manager Adobe Experience Manager versions 6.4 and earlier have a Server-Side Request Forgery vulnerability. | 7.5 |
| 2018-07-20 | CVE-2018-5004 | Server-Side Request Forgery (SSRF) vulnerability in Adobe Experience Manager Adobe Experience Manager versions 6.2 and 6.3 have a Server-Side Request Forgery vulnerability. | 7.5 |
| 2018-07-20 | CVE-2018-12809 | Server-Side Request Forgery (SSRF) vulnerability in Adobe Experience Manager Adobe Experience Manager versions 6.4 and earlier have a Server-Side Request Forgery vulnerability. | 7.5 |
| 2018-07-18 | CVE-2018-0403 | Server-Side Request Forgery (SSRF) vulnerability in Cisco products Multiple vulnerabilities in the web-based management interface of Cisco Unified Contact Center Express (Unified CCX) could allow an unauthenticated, remote attacker to retrieve a cleartext password. | 9.8 |
| 2018-07-18 | CVE-2018-0399 | Server-Side Request Forgery (SSRF) vulnerability in Cisco Finesse 11.5(1) Multiple vulnerabilities in the web-based management interface of Cisco Finesse could allow an unauthenticated, remote attacker to retrieve a cleartext password from an affected system. | 9.8 |
| 2018-07-18 | CVE-2018-0398 | Server-Side Request Forgery (SSRF) vulnerability in Cisco Finesse 11.5(1) Multiple vulnerabilities in the web-based management interface of Cisco Finesse could allow an unauthenticated, remote attacker to conduct a server-side request forgery (SSRF) attack. | 9.8 |
| 2018-07-09 | CVE-2018-13790 | Server-Side Request Forgery (SSRF) vulnerability in Concretecms Concrete CMS 8.2.0 A Server Side Request Forgery (SSRF) vulnerability in tools/files/importers/remote.php in concrete5 8.2.0 can lead to attacks on the local network and mapping of the internal network, because of URL functionality on the File Manager page. | 7.2 |
| 2018-07-05 | CVE-2018-12571 | Server-Side Request Forgery (SSRF) vulnerability in Microsoft Forefront Unified Access Gateway 2010 uniquesig0/InternalSite/InitParams.aspx in Microsoft Forefront Unified Access Gateway 2010 allows remote attackers to trigger outbound DNS queries for arbitrary hosts via a comma-separated list of URLs in the orig_url parameter, possibly causing a traffic amplification and/or SSRF outcome. | 9.8 |
| 2018-07-03 | CVE-2017-0929 | Server-Side Request Forgery (SSRF) vulnerability in Dnnsoftware Dotnetnuke DNN (aka DotNetNuke) before 9.2.0 suffers from a Server-Side Request Forgery (SSRF) vulnerability in the DnnImageHandler class. | 7.5 |
| 2018-06-26 | CVE-2018-1000606 | Server-Side Request Forgery (SSRF) vulnerability in Jenkins Urltrigger A server-side request forgery vulnerability exists in Jenkins URLTrigger Plugin 0.41 and earlier in URLTrigger.java that allows attackers with Overall/Read access to cause Jenkins to send a GET request to a specified URL. | 6.5 |