漏洞描述
Ignite Realtime Openfire是IgniteRealtime社区的一款采用Java开发且基于XMPP(前称Jabber,即时通讯协议)的跨平台开源实时协作(RTC)服务器。该系统存在ssrf漏洞
Ignite Realtime Openfire <=4.4.2存在服务端请求伪造漏洞(CVE-2019-18394)
PoC代码
暂无相关漏洞推荐
-
CVE-2019-18394: Ignite Realtime Openfire <=4.4.2 - Server-Side Request Forgery POC
2025-08-01 | Ignite Realtime OpenfireIgnite Realtime Openfire through version 4.4.2 allows attackers to send arbitrary HTTP GET requests ... -
Ignite Realtime Openfire 跨站脚本漏洞 无POC
2018-06-14 | Ignite Realtime OpenfireIgnite Realtime Openfire是Ignite Realtime社区的一款采用Java开发且基于XMPP(前称Jabber,即时通讯协议)的跨平台开源实时协作(RTC)服务器,它能够构... -
Ignite Realtime Openfire 多个跨站请求伪造漏洞 无POC
2015-09-17 | Ignite Realtime OpenfireIgnite Realtime Openfire(前称Wildfire)是IgniteRealtime社区的一款采用Java开发且基于XMPP(前称Jabber,即时通讯协议)的跨平台开源实时协作(R... -
CVE-2019-0193: Apache Solr Remote Code Execution POC
2025-09-01 | Apache Solr2019 年 08 月 01 日,Apache Solr 官方发布预警,Apache Solr DataImport 功能 在开启 Debug 模式时,可以接收来自请求的”dataConfig”参数,... -
CVE-2019-0230: Apache Struts <=2.5.20 - Remote Code Execution S2-059 POC
2025-09-01 | Apache StrutsApache Struts 2.0.0 to 2.5.20 forced double OGNL evaluation when evaluated on raw user input in tag ...