Weaknesses of type CWE-918
2,185 resultsCVE-2024-40625MEDIUMGeoServer Coverage REST API Allows Server Side Request ForgeryEPSS 0.3%CVE-2025-10760MEDIUMHarness lookup_repo.go LookupRepo server-side request forgeryEPSS 0.3%CVE-2025-24703MEDIUMWordPress Comment Edit Core – Simple Comment Editing Plugin <= 3.0.33 - Server Side Request Forgery (SSRF) vulnerabilityEPSS 0.3%CVE-2025-9269MEDIUMServer-Side Request Forgery (SSRF) vulnerability found in embedded web serverEPSS 0.3%CVE-2025-40595HIGHA Server-side request forgery (SSRF) vulnerability has been identified in the SMA1000 Appliance Work Place interface. By using an encoded UREPSS 0.3%CVE-2026-8725MEDIUMCoreWorxLab CAAL test-hass Endpoint webhooks.py server-side request forgeryEPSS 0.3%CVE-2025-29450MEDIUMAn issue in twonav v.2.1.18-20241105 allows a remote attacker to obtain sensitive information via the site settings component.EPSS 0.3%CVE-2025-29456MEDIUMAn issue in personal-management-system Personal Management System 1.4.65 allows a remote attacker to obtain sensitive information via the crEPSS 0.3%CVE-2025-7759MEDIUMthinkgem JeeSite UEditor Image Grabber ActionEnter.java server-side request forgeryEPSS 0.3%CVE-2025-29453MEDIUMAn issue in personal-management-system Personal Management System 1.4.65 allows a remote attacker to obtain sensitive information via the myEPSS 0.3%CVE-2025-29454MEDIUMAn issue in personal-management-system Personal Management System 1.4.65 allows a remote attacker to obtain sensitive information via the UpEPSS 0.3%CVE-2026-34076HIGHClerk JavaScript: SSRF in the opt-in clerkFrontendApiProxy feature may leak secret keys to unintended hostEPSS 0.3%CVE-2025-29449MEDIUMAn issue in twonav v.2.1.18-20241105 allows a remote attacker to obtain sensitive information via the link identification function.EPSS 0.3%CVE-2024-39598MEDIUM[Multiple CVEs] Multiple vulnerabilities in SAP CRM (WebClient UI)EPSS 0.3%CVE-2025-8020HIGHAll versions of the package private-ip are vulnerable to Server-Side Request Forgery (SSRF) where an attacker can provide an IP or hostname EPSS 0.3%CVE-2024-10814MEDIUMCode Embed <= 2.5 - Authenticated (Contributor+) Server-Side Request ForgeryEPSS 0.3%CVE-2025-29455MEDIUMAn issue in personal-management-system Personal Management System 1.4.65 allows a remote attacker to obtain sensitive information via the TrEPSS 0.3%CVE-2024-35451MEDIUMLinkStack 2.7.9 through 4.7.7 allows resources\views\components\favicon.blade.php link SSRF.EPSS 0.3%CVE-2026-45501MEDIUMMicrosoft Exchange Server Spoofing VulnerabilityEPSS 0.3%CVE-2025-64522CRITICALSoft Serve is vulnerable to SSRF through its WebhooksEPSS 0.3%