CVE-2017-20106

MEDIUM Year: 2017
CVSS v3 Score
4.4
Medium
CVSS v2 Score
3.6
Low
Weakness Type
CWE-918
View all →

Vulnerability Description

A vulnerability, which was classified as critical, has been found in Lithium Forum 2017 Q1. This issue affects some unknown processing of the component Compose Message Handler. The manipulation of the argument upload_url leads to server-side request forgery. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used.

Related Vulnerabilities

CVE-2022-44730

MEDIUM
CVSS:4.4(Medium)

Server-Side Request Forgery (SSRF) vulnerability in Apache Software Foundation Apache XML Graphics Batik.This issue affects Apache XML Graphics Batik: 1.16. A malicious SVG can probe user profile / da...

CWE-9182022

CVE-2023-20002

MEDIUM
CVSS:4.4(Medium)

A vulnerability in Cisco TelePresence CE and RoomOS Software could allow an authenticated, local attacker to bypass access controls and conduct an SSRF attack through an affected device. This vulnerab...

CWE-9182023

CVE-2024-30420

MEDIUM
CVSS:4.4(Medium)

Server-side request forgery (SSRF) vulnerability exists in a-blog cms Ver.3.1.x series versions prior to Ver.3.1.12 and Ver.3.0.x series versions prior to Ver.3.0.32. If this vulnerability is exploite...

CWE-9182024

CVE-2024-32454

MEDIUM
CVSS:4.4(Medium)

Server-Side Request Forgery (SSRF) vulnerability in Wappointment Appointment Bookings for Zoom GoogleMeet and more – Wappointment.This issue affects Appointment Bookings for Zoom GoogleMeet and more –...

CWE-9182024

CVE-2024-33627

MEDIUM
CVSS:4.4(Medium)

Server-Side Request Forgery (SSRF) vulnerability in Cusmin Absolutely Glamorous Custom Admin.This issue affects Absolutely Glamorous Custom Admin: from n/a through 7.2.2.

CWE-9182024

CVE-2024-33629

MEDIUM
CVSS:4.4(Medium)

Server-Side Request Forgery (SSRF) vulnerability in Creative Motion Auto Featured Image (Auto Post Thumbnail).This issue affects Auto Featured Image (Auto Post Thumbnail): from n/a through 4.0.0.

CWE-9182024