Falhas do tipo CWE-918
2.185 resultadosCVE-2024-1855MEDIUMWPCafe <= 2.2.23 - Unauthenticated Blind Server-Side Request ForgeryEPSS 0.4%CVE-2024-39699MEDIUMDirectus has a Blind SSRF On File ImportEPSS 0.4%CVE-2023-23684MEDIUMWordPress WPGraphQL Plugin <= 1.14.5 is vulnerable to Server Side Request Forgery (SSRF)EPSS 0.4%CVE-2025-5005MEDIUMShanghai Lingdang Information Technology Lingdang CRM index_event.php server-side request forgeryEPSS 0.4%CVE-2026-34515MEDIUMAIOHTTP: UNC SSRF/NTLMv2 Credential Theft/Local File Read in static resource handler on WindowsEPSS 0.4%CVE-2024-13907MEDIUMTotal Upkeep – WordPress Backup Plugin plus Restore & Migrate by BoldGrid <= 1.16.8 - Authenticated (Administrator+) Server-Side Request ForgeryEPSS 0.4%CVE-2026-43897HIGHLink Preview JS: vunerable to IPv6 and internal loopback attacksEPSS 0.4%CVE-2024-0403MEDIUMRecipes 1.5.10 - Blind SSRFEPSS 0.4%CVE-2022-40312MEDIUMWordPress GiveWP Plugin <= 2.25.1 is vulnerable to Server Side Request Forgery (SSRF)EPSS 0.4%CVE-2026-33351CRITICALAVideo has Unauthenticated SSRF via `webSiteRootURL` Parameter in saveDVR.json.php, Chaining to Verification BypassEPSS 0.4%CVE-2024-29035MEDIUMUmbraco's Blind SSRF Leads to Port Scan by using WebhooksEPSS 0.4%CVE-2026-27797MEDIUMHomarr: Unauthenticated SSRF in rssFeed.tsEPSS 0.4%CVE-2023-49159HIGHWordPress CommentLuv Plugin <= 3.0.4 is vulnerable to Server Side Request Forgery (SSRF)EPSS 0.4%CVE-2026-28271MEDIUMKiteworks Core is vulnerable to Server-Side Request Forgery (SSRF)EPSS 0.4%CVE-2022-38708MEDIUMIBM Cognos Analytics server-side request forgeryEPSS 0.4%CVE-2025-5327MEDIUMchshcms mccms Gf.php index server-side request forgeryEPSS 0.4%CVE-2026-32812MEDIUMAdmidio Vulnerable to SSRF and Local File Read via Unrestricted URL Fetch in SSO Metadata EndpointEPSS 0.4%CVE-2026-20035HIGHCisco Unity Connection Server-Side Request Forgery VulnerabilityEPSS 0.4%CVE-2025-68437MEDIUMCraft CMS vulnerable to Server-Side Request Forgery (SSRF) via GraphQL Asset Upload MutationEPSS 0.4%CVE-2025-56589HIGHA Local File Inclusion (LFI) and a Server-Side Request Forgery (SSRF) vulnerability was found in the InsertFromHtmlString() function of the EPSS 0.4%