Fallos del tipo CWE-918

2185 resultados
CVE-2025-56589HIGHA Local File Inclusion (LFI) and a Server-Side Request Forgery (SSRF) vulnerability was found in the InsertFromHtmlString() function of the EPSS 0.4%CVE-2026-32949HIGHSQLBot: SSRF to Arbitrary File Read (AFR) via Rogue MySQLEPSS 0.4%CVE-2023-24515MEDIUMServer side request forgery in api checkerEPSS 0.4%CVE-2023-37440MEDIUMAuthenticated Server-Side Request Forgery (SSRF) Leading to Information DisclosureEPSS 0.4%CVE-2024-4561MEDIUMWhatsUp Gold Server-Side Request Forgery Information Disclosure Vulnerability via FaviconControllerEPSS 0.4%CVE-2024-12989MEDIUMWISI Tangram GT31 HTTP Request server-side request forgeryEPSS 0.4%CVE-2026-5131MEDIUMServer-Side Request Forgery in GREENmodEPSS 0.4%CVE-2025-15104MEDIUMNu Html Checker (validator.nu) - Restriction bypass vulnerability allowing local SSRFEPSS 0.4%CVE-2026-30834HIGHPinchTab: SSRF with Full Response Exfiltration via Download HandlerEPSS 0.4%CVE-2024-57767HIGHMSFM before v2025.01.01 was discovered to contain a Server-Side Request Forgery (SSRF) via the component /file/download.EPSS 0.4%CVE-2025-59055MEDIUMInstantCMS vulnerable to Server-Side Request Forgery via package installerEPSS 0.4%CVE-2025-6517MEDIUMDromara MaxKey Meta URL SAML20DetailsController.java add server-side request forgeryEPSS 0.4%CVE-2023-49795MEDIUMMindsDB Server-Side Request Forgery vulnerabilityEPSS 0.4%CVE-2026-3789MEDIUMBytedesk SpringAIGiteeRestController SpringAIGiteeRestService.java getModels server-side request forgeryEPSS 0.4%CVE-2025-54924HIGHCWE-918: Server-Side Request Forgery (SSRF) vulnerability exists that could cause unauthorized access to sensitive data when an attacker senEPSS 0.4%CVE-2024-2206HIGHSSRF Vulnerability in gradio-app/gradioEPSS 0.4%CVE-2023-40033HIGHServer-Side Request Forgery via Avatar upload in flarumEPSS 0.4%CVE-2025-63551HIGHA Server-Side Request Forgery (SSRF) vulnerability, achievable through an XML External Entity (XXE) injection, exists in MetInfo Content ManEPSS 0.4%CVE-2026-27129MEDIUMCloud Metadata SSRF Protection Bypass via IPv6 ResolutionEPSS 0.4%CVE-2023-38515MEDIUMWordPress Church Admin Plugin <= 3.7.56 is vulnerable to Server Side Request Forgery (SSRF)EPSS 0.4%