Benjamin Eckel

3 exploits Active since Nov 2017
CVE-2017-0905 WRITEUP CRITICAL WRITEUP
Recurly Client Ruby Library <2.0.13-2.11.3 - SSRF
The Recurly Client Ruby Library before 2.0.13, 2.1.11, 2.2.5, 2.3.10, 2.4.11, 2.5.4, 2.6.3, 2.7.8, 2.8.2, 2.9.2, 2.10.4, 2.11.3 is vulnerable to a Server-Side Request Forgery vulnerability in the "Resource#find" method that could result in compromise of API keys or other critical resources.
CVSS 9.8
CVE-2017-0906 WRITEUP CRITICAL WRITEUP
Recurly Client Python Library <2.0.5-2.6.2 - SSRF
The Recurly Client Python Library before 2.0.5, 2.1.16, 2.2.22, 2.3.1, 2.4.5, 2.5.1, 2.6.2 is vulnerable to a Server-Side Request Forgery vulnerability in the "Resource.get" method that could result in compromise of API keys or other critical resources.
CVSS 9.8
CVE-2017-0907 WRITEUP CRITICAL WRITEUP
Recurly Client .NET Library <1.0.1-1.8.1 - SSRF
The Recurly Client .NET Library before 1.0.1, 1.1.10, 1.2.8, 1.3.2, 1.4.14, 1.5.3, 1.6.2, 1.7.1, 1.8.1 is vulnerable to a Server-Side Request Forgery vulnerability due to incorrect use of "Uri.EscapeUriString" that could result in compromise of API keys or other critical resources.
CVSS 9.8