Vulnerabilities > Server-Side Request Forgery (SSRF)
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-08-02 | CVE-2018-14858 | Server-Side Request Forgery (SSRF) vulnerability in Icmsdev Icms An SSRF vulnerability was discovered in idreamsoft iCMS before V7.0.11 because the remote function in app/spider/spider_tools.class.php does not block private and reserved IP addresses such as 10.0.0.0/8. | 7.5 |
| 2018-08-01 | CVE-2018-1999039 | Server-Side Request Forgery (SSRF) vulnerability in Jenkins Confluence Publisher A server-side request forgery vulnerability exists in Jenkins Confluence Publisher Plugin 2.0.1 and earlier in ConfluenceSite.java that allows attackers to have Jenkins submit login requests to an attacker-specified Confluence server URL with attacker specified credentials. | 4.3 |
| 2018-08-01 | CVE-2018-1999026 | Server-Side Request Forgery (SSRF) vulnerability in Jenkins Tracetronic Ecu-Test A server-side request forgery vulnerability exists in Jenkins TraceTronic ECU-TEST Plugin 2.3 and earlier in ATXPublisher.java that allows attackers to have Jenkins send HTTP requests to an attacker-specified host. | 6.5 |
| 2018-07-23 | CVE-2018-1999017 | Server-Side Request Forgery (SSRF) vulnerability in Pydio Pydio version 8.2.0 and earlier contains a Server-Side Request Forgery (SSRF) vulnerability in plugins/action.updater/UpgradeManager.php Line: 154, getUpgradePath($url) that can result in an authenticated admin users requesting arbitrary URL's, pivoting requests through the server. | 4.9 |
| 2018-07-23 | CVE-2018-14514 | Server-Side Request Forgery (SSRF) vulnerability in Icmsdev Icms 7.0.9 An SSRF vulnerability was discovered in idreamsoft iCMS V7.0.9 that allows attackers to read sensitive files, access an intranet, or possibly have unspecified other impact. | 9.8 |
| 2018-07-20 | CVE-2018-5006 | Server-Side Request Forgery (SSRF) vulnerability in Adobe Experience Manager Adobe Experience Manager versions 6.4 and earlier have a Server-Side Request Forgery vulnerability. | 7.5 |
| 2018-07-20 | CVE-2018-5004 | Server-Side Request Forgery (SSRF) vulnerability in Adobe Experience Manager Adobe Experience Manager versions 6.2 and 6.3 have a Server-Side Request Forgery vulnerability. | 7.5 |
| 2018-07-20 | CVE-2018-12809 | Server-Side Request Forgery (SSRF) vulnerability in Adobe Experience Manager Adobe Experience Manager versions 6.4 and earlier have a Server-Side Request Forgery vulnerability. | 7.5 |
| 2018-07-18 | CVE-2018-0403 | Server-Side Request Forgery (SSRF) vulnerability in Cisco products Multiple vulnerabilities in the web-based management interface of Cisco Unified Contact Center Express (Unified CCX) could allow an unauthenticated, remote attacker to retrieve a cleartext password. | 9.8 |
| 2018-07-18 | CVE-2018-0399 | Server-Side Request Forgery (SSRF) vulnerability in Cisco Finesse 11.5(1) Multiple vulnerabilities in the web-based management interface of Cisco Finesse could allow an unauthenticated, remote attacker to retrieve a cleartext password from an affected system. | 9.8 |