Falhas do tipo CWE-610
84 resultadosCVE-2018-12475MEDIUMobs-service-download_files allows downloading from localhost or intranet hostsEPSS 0.6%CVE-2026-0522HIGHLocal File Inclusion in the File Upload/Download ProcessEPSS 0.6%CVE-2022-43423MEDIUMJenkins Compuware Source Code Download for Endevor, PDS, and ISPW Plugin 2.0.12 and earlier implements an agent/controller message that doesEPSS 0.6%CVE-2025-7523MEDIUMJinher OA DelTemp.aspx xml external entity referenceEPSS 0.6%CVE-2025-11140MEDIUMBjskzy Zhiyou ERP com.artery.richclient.RichClientService openForm xml external entity referenceEPSS 0.6%CVE-2025-10092MEDIUMJinher OA XML Type xml external entity referenceEPSS 0.5%CVE-2025-10091MEDIUMJinher OA XML Type xml external entity referenceEPSS 0.5%CVE-2025-10816MEDIUMJinher OA XML text xml external entity referenceEPSS 0.5%CVE-2025-3241MEDIUMzhangyanbo2007 youkefu XML Document CallCenterRouterController.java xml external entity referenceEPSS 0.5%CVE-2024-32980CRITICALSpin contains a potential network sandbox escape for specifically configured Spin applicationsEPSS 0.5%CVE-2025-7824MEDIUMJinher OA XmlHttp.aspx xml external entity referenceEPSS 0.5%CVE-2025-7823MEDIUMJinher OA ProjectScheduleDelete.aspx xml external entity referenceEPSS 0.5%CVE-2026-47357CRITICALTerrascan v1.18.3 and prior are vulnerable to Server-Side Request Forgery (SSRF) via the remote_url parameter in the remote directory scan eEPSS 0.5%CVE-2026-47358CRITICALTerrascan v1.18.3 and prior are vulnerable to Server-Side Request Forgery (SSRF) via external URL resolution in uploaded IaC templates when EPSS 0.5%CVE-2025-11341MEDIUMJinher OA type xml external entity referenceEPSS 0.5%CVE-2023-4089LOWWAGO: Multiple products vulnerable to local file inclusionEPSS 0.5%CVE-2015-10142MEDIUMSitecore XP < 8.0 and CMS < 7.2 and < 7.5 File Read via Known PathEPSS 0.4%CVE-2022-23439MEDIUMA externally controlled reference to a resource in another sphere vulnerability in Fortinet allows attacker to poison web caches via crafteEPSS 0.4%CVE-2025-9065HIGHRockwell Automation ThinManager® Server-Side Request Forgery VulnerabilityEPSS 0.4%CVE-2023-37855MEDIUMPHOENIX CONTACT: Unauthorized read-access of root filesystem in WP 6xxx Web panelsEPSS 0.4%