• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-918

CVE-2020-24881

February 26, 2023 by

SSRF exists in osTicket before 1.14.3, where an attacker can add malicious file to server or perform port scanning.

CVE-2020-24898

February 26, 2023 by

The Table Filter and Charts for Confluence Server app before 5.3.26 (for Atlassian Confluence) allows SSRF via the “Table from CSV” macro (URL parameter).

CVE-2020-24815

February 26, 2023 by

A Server-Side Request Forgery (SSRF) affecting the PDF generation in MicroStrategy 10.4, 2019 before Update 6, and 2020 before Update 2 allows authenticated users to access the content of internal network resources or leak files from the local system via HTML containers embedded in a dossier/dashboard document. NOTE: 10.4., no fix will be released as version will reach end-of-life on 31/12/2020.

CVE-2020-24700

February 26, 2023 by

OX App Suite through 7.10.3 allows SSRF because GET requests are sent to arbitrary domain names with an initial autoconfig. substring.

CVE-2020-24710

February 26, 2023 by

Gophish before 0.11.0 allows SSRF attacks.

CVE-2020-24641

February 26, 2023 by

In Aruba AirWave Glass before 1.3.3, there is a Server-Side Request Forgery vulnerability through an unauthenticated endpoint that if successfully exploited can result in disclosure of sensitive information. This can be used to perform an authentication bypass and ultimately gain administrative access on the web administrative interface.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 25
  • Go to page 26
  • Go to page 27
  • Go to page 28
  • Go to page 29
  • Interim pages omitted …
  • Go to page 114
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE