Resources

Vulnerability & Exploit Database

This is the list of vulnerabilities you can detect with Pentest-Tools.com and the exploits currently available in the platform.

We detect more than 15.597 vulnerabilities with multiple tools (Network Scanner, Website Scanner, Wordpress Scanner, and more) and we also have 169 exploit modules in Sniper to validate the risk level of critical CVEs.

Display

Search results for: SSRF

Displaying 1 - 25 results out of 151

Pentest-Tools.com Vulnerabilities
Name	Detectable with	Detection added	Severity	Exploitable with Sniper
Stirling-PDF SSRF via Markdown CVE-2025-55161	Network Scanner	Sep 18, 2025	High(8.6)	No
Memos 0.13.2 - Server-Side Request Forgery CVE-2024-29030	Network Scanner	Sep 12, 2025	Medium(6.1)	No
Memos 0.13.2 - Cross-Site Scripting & SSRF CVE-2024-29029	Network Scanner	Sep 5, 2025	Medium(6.1)	No
Next.js Middleware - Server-Side Request Forgery CVE-2025-57822	Network Scanner	Sep 5, 2025	Medium(6.5)	No
Memos 0.13.2 - Server-Side Request Forgery CVE-2024-29028	Network Scanner	Sep 5, 2025	Medium(5.3)	No
Portal API - Server Side Request Forgery	Network Scanner	Aug 30, 2025	High	No
Request-Baskets <= 1.2.1 - Server Side Request Forgery CVE-2023-27163	Network Scanner	Aug 21, 2025	Medium(6.5)	No
Apache Druid - Server-Side Request Forgery CVE-2025-27888	Network Scanner	Aug 18, 2025	High(5.4)	No
TiTiler - Blind Server Side Request Forgery	Network Scanner	Aug 12, 2025	High	No
OneNav v0.9.35-20240318 - Server-Side Request Forgery (SSRF) CVE-2024-33832	Network Scanner	Jul 18, 2025	Medium(6.5)	No
GeoServer Demo Request Endpoint - Server Side Request Forgery CVE-2024-29198	Network Scanner	Jul 18, 2025	High(7.5)	No
LyLme spage v1.9.5 - Server-Side Request Forgery CVE-2024-36675	Network Scanner	Jul 18, 2025	Critical(9.1)	No
WordPress Broken Link Notifier < 1.3.1 - Unauthenticated SSRF CVE-2025-6851	Network Scanner	Jul 16, 2025	High(7.5)	No
Gradio - Server-Side Request Forgery CVE-2024-4325	Network Scanner	Jun 24, 2025	High(8.6)	No
GeoServer WFS - XXE Processing Vulnerability CVE-2025-30220	Network Scanner	Jun 18, 2025	Critical(9.9)	No
Grafana - XSS / Open Redirect / SSRF via Client Path Traversal CVE-2025-4123	Network Scanner	May 23, 2025	High(7.6)	No
draw.io < 18.0.5 - Server Side Request Forgery (SSRF) CVE-2022-1711	Network Scanner	May 2, 2025	High(7.5)	No
Commvault - SSRF via /commandcenter/deployWebpackage.do CVE-2025-34028	Network Scanner	Apr 28, 2025	Critical(10)	No
WordPress WPB Show Core <= 2.2 - Server-Side Request Forgery CVE-2023-5974	Network Scanner	Mar 14, 2025	Critical(9.8)	No
WordPress CAS Theme <= 1.0.0 - Server-Side Request Forgery CVE-2024-4399	Network Scanner	Mar 14, 2025	Critical(9.1)	No
QNAP QTS SSRF Vulnerability (QSA-24-53) CVE-2024-53696	Network Scanner	Mar 12, 2025	N/A	No
QNAP QuTS hero SSRF Vulnerability (QSA-24-53) CVE-2024-53696	Network Scanner	Mar 12, 2025	N/A	No
WordPress TablePress Plugin < 2.2.5 SSRF Vulnerability CVE-2024-23825	Network Scanner	Mar 5, 2025	Medium(4.9)	No
WordPress TablePress Plugin < 2.3.2 SSRF Vulnerability CVE-2024-4354	Network Scanner	Mar 5, 2025	Medium(6.4)	No
Elestio Memos <= v0.24.0 - Server-Side Request Forgery CVE-2025-22952	Network Scanner	Mar 5, 2025	Critical(9.8)	No