Weaknesses of type CWE-918

2,185 results
CVE-2017-20157MEDIUMAriadne Component Library Url.php server-side request forgeryEPSS 0.7%CVE-2024-9710HIGHPostHog database_schema Server-Side Request Forgery Information Disclosure VulnerabilityEPSS 0.7%CVE-2026-42043HIGHAxios: Incomplete Fix for CVE-2025-62718 — NO_PROXY Protection Bypassed via RFC 1122 Loopback Subnet (127.0.0.0/8) in Axios 1.15.0EPSS 0.7%CVE-2024-27565CRITICALA Server-Side Request Forgery (SSRF) in weixin.php of ChatGPT-wechat-personal commit a0857f6 allows attackers to force the application to maEPSS 0.7%CVE-2022-3247MEDIUMBlog2Social < 6.9.10 - Subscriber+ SSRFEPSS 0.7%CVE-2024-23761CRITICALServer Side Template Injection in Gambio 4.9.2.0 allows attackers to run arbitrary code via crafted smarty email template.EPSS 0.7%CVE-2024-25187HIGHServer Side Request Forgery (SSRF) vulnerability in 71cms v1.0.0, allows remote unauthenticated attackers to obtain sensitive information viEPSS 0.7%CVE-2023-51804HIGHAn issue in rymcu forest v.0.02 allows a remote attacker to obtain sensitive information via manipulation of the HTTP body URL in the com.ryEPSS 0.7%CVE-2022-43776MEDIUMThe url parameter of the /api/geojson endpoint in Metabase versions <44.5 can be used to perform Server Side Request Forgery attacks. PrevioEPSS 0.7%CVE-2022-41906HIGHOpenSearch Notifications is vulnerable to Server-Side Request Forgery (SSRF) EPSS 0.7%CVE-2025-64663CRITICALCustom Question Answering Elevation of Privilege VulnerabilityEPSS 0.7%CVE-2023-31219MEDIUMWordPress Download Monitor Plugin <= 4.8.1 is vulnerable to Server Side Request Forgery (SSRF)EPSS 0.7%CVE-2024-49521HIGHAdobe Commerce | Server-Side Request Forgery (SSRF) (CWE-918)EPSS 0.7%CVE-2024-5482HIGHSSRF in add_webpage endpoint in parisneo/lollms-webuiEPSS 0.7%CVE-2025-56520MEDIUMDify v1.6.0 was discovered to contain a Server-Side Request Forgery (SSRF) via the component controllers.console.remote_files.RemoteFileUploEPSS 0.6%CVE-2025-10211MEDIUMyanyutao0402 ChanCMS getArticle CollectController server-side request forgeryEPSS 0.6%CVE-2024-42352HIGHServer-Side Request Forgery (SSRF) in nuxt-iconEPSS 0.6%CVE-2023-29010MEDIUMBudiBase Server-Side Request Forgery vulnerabilityEPSS 0.6%CVE-2025-58045HIGHDataease server-side request forgery via unfiltered DB2 JDBC ldap parameterEPSS 0.6%CVE-2024-11603HIGHServer-Side Request Forgery in lm-sys/fastchatEPSS 0.6%