• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-918

CVE-2022-27469

February 23, 2023 by godfreyd94

Monstaftp v2.10.3 was discovered to allow attackers to execute Server-Side Request Forgery (SSRF).

CVE-2022-27426

February 23, 2023 by godfreyd94

A Server-Side Request Forgery (SSRF) in Chamilo LMS v1.11.13 allows attackers to enumerate the internal network and execute arbitrary system commands via a crafted Phar file.

CVE-2022-27429

February 23, 2023 by godfreyd94

Jizhicms v1.9.5 was discovered to contain a Server-Side Request Forgery (SSRF) vulnerability via /admin.php/Plugins/update.html.

CVE-2022-27245

February 23, 2023 by godfreyd94

An issue was discovered in MISP before 2.4.156. app/Model/Server.php does not restrict generateServerSettings to the CLI. This could lead to SSRF.

CVE-2022-27311

February 23, 2023 by godfreyd94

Gibbon v3.4.4 and below allows attackers to execute a Server-Side Request Forgery (SSRF) via a crafted URL.

CVE-2022-26499

February 23, 2023 by godfreyd94

An SSRF issue was discovered in Asterisk through 19.x. When using STIR/SHAKEN, it’s possible to send arbitrary requests (such as GET) to interfaces such as localhost by using the Identity header. This is fixed in 16.25.2, 18.11.2, and 19.3.2.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 98
  • Go to page 99
  • Go to page 100
  • Go to page 101
  • Go to page 102
  • Interim pages omitted …
  • Go to page 114
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE