Weaknesses of type CWE-918
2,203 resultsCVE-2024-39598MEDIUM[Multiple CVEs] Multiple vulnerabilities in SAP CRM (WebClient UI)EPSS 0.3%CVE-2024-10814MEDIUMCode Embed <= 2.5 - Authenticated (Contributor+) Server-Side Request ForgeryEPSS 0.3%CVE-2025-29450MEDIUMAn issue in twonav v.2.1.18-20241105 allows a remote attacker to obtain sensitive information via the site settings component.EPSS 0.3%CVE-2026-45501MEDIUMMicrosoft Exchange Server Spoofing VulnerabilityEPSS 0.3%CVE-2024-35451MEDIUMLinkStack 2.7.9 through 4.7.7 allows resources\views\components\favicon.blade.php link SSRF.EPSS 0.3%CVE-2025-29460HIGHAn issue in MyBB 1.8.38 allows a remote attacker to obtain sensitive information via the Add Mycode function. NOTE: the Supplier disputes thEPSS 0.3%CVE-2023-6195LOWServer-Side Request Forgery (SSRF) in GitLabEPSS 0.3%CVE-2026-27479HIGHWallos: SSRF via Redirect Bypass in Logo/Icon URL FetchEPSS 0.3%CVE-2025-47635MEDIUMWordPress WebinarPress plugin <= 1.33.28 - Server Side Request Forgery (SSRF) VulnerabilityEPSS 0.3%CVE-2025-64522CRITICALSoft Serve is vulnerable to SSRF through its WebhooksEPSS 0.3%CVE-2025-5140MEDIUMSeeyon Zhiyuan OA Web Application System ThirdMenuController.class this.oursNetService.getData server-side request forgeryEPSS 0.3%CVE-2023-51676MEDIUMWordPress Happy Addons for Elementor Plugin <= 3.9.1.1 is vulnerable to Server Side Request Forgery (SSRF)EPSS 0.3%CVE-2026-40107HIGHSiYuan Affected by Zero-Click NTLM Hash Theft and Blind SSRF via Mermaid Diagram RenderingEPSS 0.3%CVE-2025-14443MEDIUMOse-openshift-apiserver: openshift api server: server-side request forgery (ssrf) vulnerability in imagestreamimport mechanismEPSS 0.3%CVE-2024-13857MEDIUMWPGet API <= 2.2.10 - Authenticated (Administrator+) Server-Side Request ForgeryEPSS 0.3%CVE-2024-30453MEDIUMWordPress Brave plugin <= 0.6.5 - Server Side Request Forgery (SSRF) vulnerabilityEPSS 0.3%CVE-2026-10280MEDIUMhorizon921 mcpilot MCP API Call Endpoint route.ts server-side request forgeryEPSS 0.3%CVE-2026-42175MEDIUMrequests-hardened: Server-Side Request Forgery (SSRF) in requests-hardened RFC 6598EPSS 0.3%CVE-2022-35282MEDIUMIBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to server-side request forgery (SSRF). By sending a specially crafted EPSS 0.3%CVE-2025-62719LOWLinkAce: Limited Server-Side Request Forgery (SSRF) in Keyword Fetching FunctionalityEPSS 0.3%