Total: 2645 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2016-10926 | 1 Neliosoftware | 1 Nelio Ab Testing | 2026-06-17 | 6.4 MEDIUM | 10.0 CRITICAL |
| The nelio-ab-testing plugin before 4.5.9 for WordPress has SSRF in ajax/iesupport.php. | |||||
| CVE-2015-8813 | 1 Umbraco | 1 Umbraco | 2026-06-17 | 4.3 MEDIUM | 8.2 HIGH |
| The Page_Load function in Umbraco.Web/umbraco.presentation/umbraco/dashboard/FeedProxy.aspx.cs in Umbraco before 7.4.0 allows remote attackers to conduct server-side request forgery (SSRF) attacks via the url parameter. | |||||
| CVE-2015-7570 | 1 Yeager | 1 Yeager Cms | 2026-06-17 | 6.4 MEDIUM | 7.2 HIGH |
| Multiple server-side request forgery (SSRF) vulnerabilities in Yeager CMS 1.2.1 allow remote attackers to trigger outbound requests and enumerate open ports via the dbhost parameter to libs/org/adodb_lite/tests/test_adodb_lite.php, libs/org/adodb_lite/tests/test_datadictionary.php, or libs/org/adodb_lite/tests/test_adodb_lite_sessions.php. | |||||
| CVE-2014-8943 | 1 Piwigo | 1 Lexiglot | 2026-06-17 | 6.5 MEDIUM | 8.8 HIGH |
| Lexiglot through 2014-11-20 allows SSRF via the admin.php?page=projects svn_url parameter. | |||||
| CVE-2014-3990 | 1 Opencart | 1 Opencart | 2026-06-17 | 7.5 HIGH | 9.8 CRITICAL |
| The Cart::getProducts method in system/library/cart.php in OpenCart 1.5.6.4 and earlier allows remote attackers to conduct server-side request forgery (SSRF) attacks or possibly conduct XML External Entity (XXE) attacks and execute arbitrary code via a crafted serialized PHP object, related to the quantity parameter in an update request. | |||||
| CVE-2013-4864 | 1 Micasaverde | 2 Veralite, Veralite Firmware | 2026-06-16 | 7.5 HIGH | 9.8 CRITICAL |
| MiCasaVerde VeraLite with firmware 1.5.408 allows remote attackers to send HTTP requests to intranet servers via the url parameter to cgi-bin/cmh/proxy.sh, related to a Server-Side Request Forgery (SSRF) issue. | |||||
| CVE-2012-10018 | 1 Mapplic | 1 Mapplic | 2026-06-16 | N/A | 8.3 HIGH |
| The Mapplic and Mapplic Lite plugins for WordPress are vulnerable to Server-Side Request Forgery in versions up to, and including, 6.1 and 1.0 respectively. This makes it possible for attackers to forge requests coming from a vulnerable site's server and ultimately perform an XSS attack if requesting an SVG file. | |||||
| CVE-2010-1637 | 4 Apple, Fedoraproject, Redhat and 1 more | 7 Mac Os X, Mac Os X Server, Fedora and 4 more | 2026-06-16 | 4.0 MEDIUM | 6.5 MEDIUM |
| The Mail Fetch plugin in SquirrelMail 1.4.20 and earlier allows remote authenticated users to bypass firewall restrictions and use SquirrelMail as a proxy to scan internal networks via a modified POP3 port number. | |||||
| CVE-2007-6758 | 1 Sencha | 1 Ext Js | 2026-06-16 | 5.0 MEDIUM | 7.5 HIGH |
| Server-side request forgery (SSRF) vulnerability in feed-proxy.php in extjs 5.0.0. | |||||
| CVE-2004-2061 | 1 Risearch | 2 Risearch, Risearch Pro | 2026-06-16 | 7.5 HIGH | 9.8 CRITICAL |
| RiSearch 1.0.01 and RiSearch Pro 3.2.06 allow remote attackers to use the show.pl script as an open proxy, or read arbitrary local files, by setting the url parameter to a (1) http://, (2) ftp://, or (3) file:// URL. | |||||
| CVE-2002-1484 | 1 Siemens | 1 Db4web | 2026-06-16 | 7.5 HIGH | 9.8 CRITICAL |
| DB4Web server, when configured to use verbose debug messages, allows remote attackers to use DB4Web as a proxy and attempt TCP connections to other systems (port scan) via a request for a URL that specifies the target IP address and port, which produces a connection status in the resulting error message. | |||||
| CVE-2026-53859 | | | 2026-06-16 | N/A | 6.5 MEDIUM |
| OpenClaw before 2026.5.26 contains a hostname validation vulnerability allowing attackers to bypass blocklist comparisons using trailing-dot notation in model or workspace-derived URLs. Attackers can exploit inconsistent hostname checks to reach destinations that operators intended to block through hostname policies. | |||||
| CVE-2026-47684 | | | 2026-06-16 | N/A | 7.7 HIGH |
| Sync-in Server is a secure, open-source platform for file storage, sharing, collaboration, and syncing. Prior to version 2.3.0, the private IP blocklist regex used in the URL download feature does not match IPv4-mapped IPv6 addresses (e.g. ::ffff:127.0.0.1), allowing SSRF protection to be bypassed on dual-stack systems. Version 2.3.0 fixes the issue. | |||||
| CVE-2026-50888 | | | 2026-06-16 | N/A | 8.1 HIGH |
| An authenticated Server-Side Request Forgery (SSRF) in the custom scraper subsystem component of Benjamin Jonard Koillection v1.8.0 allows attackers to scan internal resources via supplying a crafted URL. | |||||
| CVE-2026-3341 | 1 Langflow | 1 Langflow Desktop | 2026-06-16 | N/A | 5.4 MEDIUM |
| IBM Langflow Desktop 1.0.0 through 1.9.2 IBM Langflow is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks. | |||||
| CVE-2026-50887 | | | 2026-06-16 | N/A | 9.1 CRITICAL |
| A Server-Side Request Forgery (SSRF) in the automatic short URL title resolution component of shlink v5.0.1 allows attackers to scan internal resources via supplying a crafted longUrl. | |||||
| CVE-2026-53827 | 1 Openclaw | 1 Openclaw | 2026-06-16 | N/A | 6.5 MEDIUM |
| OpenClaw before 2026.5.2 contains a credential exposure vulnerability in message.action forwarding that allows model-controlled metadata to forward action payloads with Gateway credentials to attacker-supplied loopback URLs. Remote attackers can intercept Gateway tokens and action payloads by providing malicious loopback targets through model-controlled action metadata. | |||||
| CVE-2025-60175 | | | 2026-06-15 | N/A | 4.4 MEDIUM |
| Administrator Server Side Request Forgery (SSRF) in PopAd <= 1.0.4 versions. | |||||
| CVE-2026-45012 | | | 2026-06-15 | N/A | 7.6 HIGH |
| ApostropheCMS is an open-source Node.js content management system. Versions up to and including 4.29.0 contain an authenticated server-side request forgery (SSRF) in the rich-text widget import flow. An authenticated user who can submit/edit rich-text widget content can cause the server to fetch attacker-controlled URLs during widget validation. For image-compatible responses, the fetched content can be persisted and re-hosted by Apostrophe, allowing response exfiltration. As of time of publication, no known patched versions are available. | |||||
| CVE-2026-50552 | | | 2026-06-15 | N/A | 6.3 MEDIUM |
| Koel is a free, open-source music streaming solution. Prior to version 9.7.1, Koel contains a Server-Side Request Forgery (SSRF) vulnerability in the radio station creation endpoint (POST /api/radio/stations). The url field validation rules are declared without the bail keyword, so the HasAudioContentType rule — which issues HTTP requests to the supplied URL — still executes even after the SafeUrl rule has rejected the URL as pointing to a private/reserved address. Any authenticated, non-admin user can therefore coerce the server into making HEAD/GET requests to arbitrary internal hosts. This issue has been patched in version 9.7.1. | |||||
