CWE:

	Topic	Date	Author
Med.	Desktop Central 9.1.0 CRLF Injection / Server-Side Request Forgery	27.03.2023	Rafael Pedrero
Low	SAP Enterprise Portal iviewCatcherEditor Server-Side Request Forgery	27.01.2022	Yvan Genuer
Med.	OX App Suite / OX Guard / OX Documents SSRF / Cross Site Scripting	17.07.2021	Martin Heiland
Med.	Acronis Cyber Backup 12.5 Build 16341 Server-Side Request Forgery	17.09.2020	Julien Ahrens
Low	OX App Suite / OX Documents 7.10.3 XSS / SSRF / Improper Validation	16.06.2020	Martin Heiland
High	Fortify SSC 17.10 / 17.20 / 18.10 XXE Injection	14.07.2018	Alt3kx
Low	SPIP 3.1.2 Server Side Request Forgery	20.10.2016	Nicolas CHATELAIN
Low	Google Docs XSPA / SSRF	10.09.2016	Ashiyane Digital Secur...
Low	Infoware MapSuite Server-Side Request Forgery	04.06.2014	Christian

---

CVEMAP Search Results

CVE

Details

Description

2024-07-22

	CVE-2024-37942	Updating...	Server-Side Request Forgery (SSRF) vulnerability in Berqier Ltd BerqWP.This issue affects BerqWP: from n/a through 1.7.5.
	CVE-2024-38723	Updating...	Server-Side Request Forgery (SSRF) vulnerability in Bernhard Kux JSON Content Importer.This issue affects JSON Content Importer: from n/a through 1.5.6.
	CVE-2024-38728	Updating...	Server-Side Request Forgery (SSRF) vulnerability in Seraphinite Solutions Seraphinite Post .DOCX Source.This issue affects Seraphinite Post .DOCX Source: from n/a through 2.16.9.
	CVE-2024-38730	Updating...	Server-Side Request Forgery (SSRF) vulnerability in Noor alam Magical Addons For Elementor.This issue affects Magical Addons For Elementor: from n/a through 1.1.41.

2024-07-20

CVE-2024-38758

Updating...

Server-Side Request Forgery (SSRF) vulnerability in WappPress Team WappPress.This issue affects WappPress: from n/a through 6.0.4.

2024-07-19

CVE-2024-29736

Updating...

A SSRF vulnerability in WADL service description in versions of Apache CXF before 4.0.5, 3.6.4 and 3.5.9 allows an attacker to perform SSRF style attacks on REST webservices. The attack only applies if a custom stylesheet parameter is configured.

2024-07-18

CVE-2024-40898

Updating...

SSRF in Apache HTTP Server on Windows with mod_rewrite in server/vhost context, allows to potentially leak NTML hashes to a malicious server via SSRF and malicious requests. Users are recommended to upgrade to version 2.4.62 which fixes this issue.

2024-07-17

CVE-2024-31979

Updating...

Server-Side Request Forgery (SSRF) vulnerability in Apache StreamPipes during installation process of pipeline elements. Previously, StreamPipes allowed users to configure custom endpoints from which to install additional pipeline elements. These endpoints were not properly validated, allowing an attacker to get StreamPipes to send an HTTP GET request to an arbitrary address. This issue affects Apache StreamPipes: through 0.93.0. Users are recommended to upgrade to version 0.95.0, which fixes the issue.

2024-07-15

CVE-2024-39739

Updating...

IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks. IBM X-Force ID: 296008.

2024-07-09

CVE-2024-37171

Updating...

SAP Transportation Management (Collaboration Portal) allows an attacker with non-administrative privileges to send a crafted request from a vulnerable web application. This will trigger the application handler to send a request to an unintended service, which may reveal information about that service. The information obtained could be used to target internal systems behind firewalls that are normally inaccessible to an attacker from the external network, resulting in a Server-Side Request Forgery vulnerability. There is no effect on integrity or availability of the application.

 

---

Copyright 2024, cxsecurity.com