Resources

Vulnerability & Exploit Database

This is the list of vulnerabilities you can detect with Pentest-Tools.com and the exploits currently available in the platform.

We detect more than 15.642 vulnerabilities with multiple tools (Network Scanner, Website Scanner, Wordpress Scanner, and more) and we also have 169 exploit modules in Sniper to validate the risk level of critical CVEs.

Display

Search results for: SSRF

Displaying 1 - 25 results out of 153

Pentest-Tools.com Vulnerabilities
Name	Detectable with	Detection added	Severity	Exploitable with Sniper
WordPress <= 6.2 - Server Side Request Forgery CVE-2022-3590	Network Scanner	Sep 20, 2025	Medium(5.9)	No
Astro Cloudflare Adapter - Server Side Request Forgery CVE-2025-58179	Network Scanner	Sep 19, 2025	High(7.2)	No
Stirling-PDF SSRF via Markdown CVE-2025-55161	Network Scanner	Sep 18, 2025	High(8.6)	No
Memos 0.13.2 - Server-Side Request Forgery CVE-2024-29030	Network Scanner	Sep 12, 2025	Medium(6.1)	No
Next.js Middleware - Server-Side Request Forgery CVE-2025-57822	Network Scanner	Sep 5, 2025	Medium(6.5)	No
Memos 0.13.2 - Server-Side Request Forgery CVE-2024-29028	Network Scanner	Sep 5, 2025	Medium(5.3)	No
Memos 0.13.2 - Cross-Site Scripting & SSRF CVE-2024-29029	Network Scanner	Sep 5, 2025	Medium(6.1)	No
Portal API - Server Side Request Forgery	Network Scanner	Aug 30, 2025	N/A	No
Request-Baskets <= 1.2.1 - Server Side Request Forgery CVE-2023-27163	Network Scanner	Aug 21, 2025	Medium(6.5)	No
Apache Druid - Server-Side Request Forgery CVE-2025-27888	Network Scanner	Aug 18, 2025	Medium(5.4)	No
TiTiler - Blind Server Side Request Forgery	Network Scanner	Aug 12, 2025	N/A	No
OneNav v0.9.35-20240318 - Server-Side Request Forgery (SSRF) CVE-2024-33832	Network Scanner	Jul 18, 2025	Medium(6.5)	No
LyLme spage v1.9.5 - Server-Side Request Forgery CVE-2024-36675	Network Scanner	Jul 18, 2025	Critical(9.1)	No
GeoServer Demo Request Endpoint - Server Side Request Forgery CVE-2024-29198	Network Scanner	Jul 18, 2025	High(7.5)	No
WordPress Broken Link Notifier < 1.3.1 - Unauthenticated SSRF CVE-2025-6851	Network Scanner	Jul 16, 2025	High(7.5)	No
Gradio - Server-Side Request Forgery CVE-2024-4325	Network Scanner	Jun 24, 2025	High(8.6)	No
GeoServer WFS - XXE Processing Vulnerability CVE-2025-30220	Network Scanner	Jun 18, 2025	Critical(9.9)	No
Grafana - XSS / Open Redirect / SSRF via Client Path Traversal CVE-2025-4123	Network Scanner	May 23, 2025	High(7.6)	No
draw.io < 18.0.5 - Server Side Request Forgery (SSRF) CVE-2022-1711	Network Scanner	May 2, 2025	High(7.5)	No
Commvault - SSRF via /commandcenter/deployWebpackage.do CVE-2025-34028	Network Scanner	Apr 28, 2025	Critical(10)	No
WordPress WPB Show Core <= 2.2 - Server-Side Request Forgery CVE-2023-5974	Network Scanner	Mar 14, 2025	Critical(9.8)	No
WordPress CAS Theme <= 1.0.0 - Server-Side Request Forgery CVE-2024-4399	Network Scanner	Mar 14, 2025	Critical(9.1)	No
QNAP QuTS hero SSRF Vulnerability (QSA-24-53) CVE-2024-53696	Network Scanner	Mar 12, 2025	N/A	No
QNAP QTS SSRF Vulnerability (QSA-24-53) CVE-2024-53696	Network Scanner	Mar 12, 2025	N/A	No
WordPress TablePress Plugin < 2.3.2 SSRF Vulnerability CVE-2024-4354	Network Scanner	Mar 5, 2025	Medium(6.4)	No