Weaknesses of type CWE-918

2,192 results
CVE-2025-34230MEDIUMVasion Print (formerly PrinterLogic) Blind SSRF via HP log_off_single_sign_on.phpEPSS 0.5%CVE-2023-26438MEDIUMExternal service lookups for a number of protocols were vulnerable to a time-of-check/time-of-use (TOCTOU) weakness, involving the JDK DNS cEPSS 0.5%CVE-2025-34229MEDIUMVasion Print (formerly PrinterLogic) Blind SSRF via HP installApp.phpEPSS 0.5%CVE-2024-6424CRITICALServer-Side Request Forgery vulnerability in MESbookEPSS 0.5%CVE-2024-0649MEDIUMZhiHuiYun Search ImageController.php download_network_image server-side request forgeryEPSS 0.5%CVE-2023-50714MEDIUMThe Oauth2 PKCE implementation is vulnerableEPSS 0.5%CVE-2023-48711LOWServer-Side Request Forgery (SSRF) Vulnerability in google-translate-api-browserEPSS 0.5%CVE-2023-23800HIGHWordPress Shortcodes Ultimate Plugin <= 5.12.6 is vulnerable to Server Side Request Forgery (SSRF)EPSS 0.5%CVE-2026-40564MEDIUMApache Flink Kubernetes Operator: Server-Side Request Forgery and local file access in Kubernetes OperatorEPSS 0.5%CVE-2023-53899MEDIUMPodcastGenerator 3.2.9 Blind Server-Side Request Forgery via XML InjectionEPSS 0.5%CVE-2024-48232MEDIUMAn issue was found in mipjz 5.0.5. In the mipPost method of \app\setting\controller\ApiAdminTool.php, the value of the postAddress parameterEPSS 0.5%CVE-2024-4084HIGHSSRF vulnerability in mintplex-labs/anything-llmEPSS 0.5%CVE-2025-25301MEDIUMRembg allows SSRF via /api/removeEPSS 0.5%CVE-2026-25960HIGHSSRF Protection Bypass in vLLMEPSS 0.5%CVE-2024-8977HIGHServer-Side Request Forgery (SSRF) in GitLabEPSS 0.5%CVE-2022-3189MEDIUMDataprobe iBoot-PDU FW versions prior to 1.42.06162022 contain a vulnerability where a specially crafted PHP script could use parameters froEPSS 0.5%CVE-2024-52588MEDIUMStrapi allows Server-Side Request Forgery in Webhook functionEPSS 0.5%CVE-2023-32052MEDIUMMicrosoft Power Apps (online) Spoofing VulnerabilityEPSS 0.5%CVE-2025-3954MEDIUMChurchCRM Referer server-side request forgeryEPSS 0.5%CVE-2024-6524MEDIUMShopXO Uploader.php server-side request forgeryEPSS 0.5%