Vulnerabilities > Server-Side Request Forgery (SSRF)
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-04-06 | CVE-2017-7569 | Server-Side Request Forgery (SSRF) vulnerability in Vbulletin In vBulletin before 5.3.0, remote attackers can bypass the CVE-2016-6483 patch and conduct SSRF attacks by leveraging the behavior of the PHP parse_url function, aka VBV-17037. | 8.6 |
| 2017-04-06 | CVE-2017-7566 | Server-Side Request Forgery (SSRF) vulnerability in Mybb MyBB before 1.8.11 allows remote attackers to bypass an SSRF protection mechanism. | 7.7 |
| 2017-04-06 | CVE-2017-6130 | Server-Side Request Forgery (SSRF) vulnerability in F5 SSL Intercept Iapp and SSL Orchestrator F5 SSL Intercept iApp 1.5.0 - 1.5.7 and SSL Orchestrator 2.0 is vulnerable to a Server-Side Request Forgery (SSRF) attack when deployed using the Dynamic Domain Bypass (DDB) feature feature plus SNAT Auto Map option for egress traffic. | 7.4 |
| 2017-03-27 | CVE-2017-7272 | Server-Side Request Forgery (SSRF) vulnerability in PHP PHP through 7.1.11 enables potential SSRF in applications that accept an fsockopen or pfsockopen hostname argument with an expectation that the port number is constrained. | 7.4 |
| 2017-03-21 | CVE-2017-7200 | Server-Side Request Forgery (SSRF) vulnerability in Openstack Glance An SSRF issue was discovered in OpenStack Glance before Newton. | 5.8 |
| 2017-03-16 | CVE-2017-5643 | Server-Side Request Forgery (SSRF) vulnerability in Apache Camel Apache Camel's Validation Component is vulnerable against SSRF via remote DTDs and XXE. | 7.4 |
| 2017-03-16 | CVE-2017-5617 | Server-Side Request Forgery (SSRF) vulnerability in multiple products The SVG Salamander (aka svgSalamander) library, when used in a web application, allows remote attackers to conduct server-side request forgery (SSRF) attacks via an xlink:href attribute in an SVG file. | 7.4 |
| 2017-03-03 | CVE-2015-8813 | Server-Side Request Forgery (SSRF) vulnerability in Umbraco The Page_Load function in Umbraco.Web/umbraco.presentation/umbraco/dashboard/FeedProxy.aspx.cs in Umbraco before 7.4.0 allows remote attackers to conduct server-side request forgery (SSRF) attacks via the url parameter. | 8.2 |
| 2017-02-01 | CVE-2016-6001 | Server-Side Request Forgery (SSRF) vulnerability in IBM Forms Experience Builder 8.5/8.5.1/8.6.0 IBM Forms Experience Builder could be susceptible to a server-side request forgery (SSRF) from the application design interface allowing for some information disclosure of internal resources. | 3.1 |
| 2017-01-31 | CVE-2016-9417 | Server-Side Request Forgery (SSRF) vulnerability in Mybb Merge System and Mybb The fetch_remote_file function in MyBB (aka MyBulletinBoard) before 1.8.8 and MyBB Merge System before 1.8.8 allows remote attackers to conduct server-side request forgery (SSRF) attacks via unspecified vectors. | 7.4 |