Weaknesses of type CWE-918
2,172 resultsCVE-2026-7798MEDIUMFluentCRM <= 2.9.87 - Unauthenticated Blind Server-Side Request Forgery via 'SubscribeURL' ParameterEPSS 0.6%CVE-2023-28824MEDIUMServer-side request forgery vulnerability exists in CONPROSYS HMI System (CHS) versions prior to 3.5.3. A user who can access the affected pEPSS 0.6%CVE-2023-37261CRITICALOpenComputers's SSRF to cloud service metadata services and local IPv6 addresses not blocked by defaultEPSS 0.6%CVE-2023-1725CRITICALSSRF in Infoline Project Management SystemEPSS 0.6%CVE-2023-26366MEDIUMValidate Your Inputs | Server-Side Request Forgery (SSRF) (CWE-918)EPSS 0.6%CVE-2023-40017HIGHGeonode Server Side Request Forgery vulnerabilityEPSS 0.6%CVE-2023-0574MEDIUMServer-Side Request ForgeryEPSS 0.6%CVE-2024-47049HIGHThe czim/file-handling package before 1.5.0 and 2.x before 2.3.0 (used with PHP Composer) does not properly validate URLs within makeFromUrlEPSS 0.6%CVE-2023-1971MEDIUMyuan1994 tpAdmin Upload.php remote server-side request forgeryEPSS 0.6%CVE-2024-0440CRITICALSSRF - file:// unsanitized access to underlying host filesEPSS 0.6%CVE-2025-51591LOWA Server-Side Request Forgery (SSRF) in JGM Pandoc v3.6.4 allows attackers to gain access to and compromise the whole infrastructure via injEPSS 0.6%CVE-2023-46729CRITICALSentry Next.js vulnerable to SSRF via Next.js SDK tunnel endpointEPSS 0.6%CVE-2024-38645CRITICALNotes Station 3EPSS 0.6%CVE-2026-28508CRITICALIdno: Unauthenticated SSRF via URL Unfurl EndpointEPSS 0.6%CVE-2025-6851HIGHBroken Link Notifier <= 1.3.0 - Unauthenticated Server-Side Request ForgeryEPSS 0.6%CVE-2025-62207HIGHAzure Monitor Elevation of Privilege VulnerabilityEPSS 0.6%CVE-2022-37938CRITICALUnauthenticated server side request forgery in HPE Serviceguard ManagerEPSS 0.6%CVE-2022-47635CRITICALWildix WMS 6 before 6.02.20221216, WMS 5 before 5.04.20221214, and WMS4 before 4.04.45396.23 allows Server-side request forgery (SSRF) via ZEPSS 0.6%CVE-2024-0945HIGH60IndexPage Parameter file.php server-side request forgeryEPSS 0.6%CVE-2022-41552CRITICALServer-Side Request Forgery Vulnerability in Hitachi Infrastructure Analytics Advisor, Hitachi Ops Center AnalyzerEPSS 0.6%