Vulnerabilities > Server-Side Request Forgery (SSRF)
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-09-07 | CVE-2018-1789 | Server-Side Request Forgery (SSRF) vulnerability in IBM API Connect IBM API Connect v2018.1.0 through v2018.3.4 could allow an attacker to send a specially crafted request to conduct a server side request forgery attack. | 9.9 |
| 2018-09-04 | CVE-2018-16444 | Server-Side Request Forgery (SSRF) vulnerability in Seacms 6.61 An issue was discovered in SeaCMS 6.61. | 9.1 |
| 2018-09-03 | CVE-2018-16409 | Server-Side Request Forgery (SSRF) vulnerability in Gogs 0.11.53 In Gogs 0.11.53, an attacker can use migrate to send arbitrary HTTP GET requests, leading to SSRF. | 8.6 |
| 2018-08-27 | CVE-2018-15895 | Server-Side Request Forgery (SSRF) vulnerability in Icmsdev Icms An SSRF vulnerability was discovered in idreamsoft iCMS 7.0.11 because the remote function in app/spider/spider_tools.class.php does not block DNS hostnames associated with private and reserved IP addresses, as demonstrated by 127.0.0.1 in an A record. | 7.5 |
| 2018-08-15 | CVE-2018-10511 | Server-Side Request Forgery (SSRF) vulnerability in Trendmicro Control Manager 6.0/7.0 A vulnerability in Trend Micro Control Manager (versions 6.0 and 7.0) could allow an attacker to conduct a server-side request forgery (SSRF) attack on vulnerable installations. | 10.0 |
| 2018-08-14 | CVE-2018-2445 | Server-Side Request Forgery (SSRF) vulnerability in SAP Businessobjects Business Intelligence 4.1/4.2 AdminTools in SAP BusinessObjects Business Intelligence, versions 4.1, 4.2, allows an attacker to manipulate the vulnerable application to send crafted requests on behalf of the application, resulting in a Server-Side Request Forgery (SSRF) vulnerability. | 9.6 |
| 2018-08-12 | CVE-2018-3774 | Server-Side Request Forgery (SSRF) vulnerability in Url-Parse Project Url-Parse Incorrect parsing in url-parse <1.4.3 returns wrong hostname which leads to multiple vulnerabilities such as SSRF, Open Redirect, Bypass Authentication Protocol. | 10.0 |
| 2018-08-08 | CVE-2018-15192 | Server-Side Request Forgery (SSRF) vulnerability in multiple products An SSRF vulnerability in webhooks in Gitea through 1.5.0-rc2 and Gogs through 0.11.53 allows remote attackers to access intranet services. | 8.6 |
| 2018-08-03 | CVE-2018-14728 | Server-Side Request Forgery (SSRF) vulnerability in Tecrail Responsive Filemanager 9.13.1 upload.php in Responsive FileManager 9.13.1 allows SSRF via the url parameter. | 9.8 |
| 2018-08-02 | CVE-2018-14858 | Server-Side Request Forgery (SSRF) vulnerability in Icmsdev Icms An SSRF vulnerability was discovered in idreamsoft iCMS before V7.0.11 because the remote function in app/spider/spider_tools.class.php does not block private and reserved IP addresses such as 10.0.0.0/8. | 7.5 |