Fallos del tipo CWE-918

2204 resultados
CVE-2025-10874MEDIUMOrbit Fox < 3.0.2 - Author+ Server-Side Request ForgeryEPSS 0.2%CVE-2026-33205MEDIUMcalibre has Server-Side Request Forgery in ebook viewer backendEPSS 0.2%CVE-2026-32037LOWOpenClaw < 2026.2.22 - Redirect Chain Bypass of Media Host Allowlist in MSTeams Attachment HandlingEPSS 0.2%CVE-2025-54087LOWServer-side request forgery in Secure AccessEPSS 0.2%CVE-2025-48364MEDIUMWordPress rajce plugin <= 0.4.2 - Server Side Request Forgery (SSRF) vulnerabilityEPSS 0.2%CVE-2025-31076MEDIUMWordPress WP Compress for MainWP plugin <= 6.30.03 - Server Side Request Forgery (SSRF) vulnerabilityEPSS 0.2%CVE-2026-28385MEDIUMSSRF via image import from URL allows internal network probing by authenticated usersEPSS 0.2%CVE-2026-39922MEDIUMGeoNode SSRF via Service RegistrationEPSS 0.2%CVE-2026-36764MEDIUMA Server-Side Request Forgery (SSRF) in the /ureport/datasource/testConnection endpoint of SpringBlade v4.8.0 allows authenticated attackersEPSS 0.2%CVE-2026-36757MEDIUMA Server-Side Request Forgery (SSRF) in the /plugins/{name}/upgrade-from-uri endpoint of halo v2.22.14 allows authenticated attackers to scaEPSS 0.2%CVE-2026-44589LOWnuxt-og-image SSRF — bypass of GHSA-pqhr-mp3f-hrpp / v6.2.5 fix (IPv6 + redirect)EPSS 0.2%CVE-2026-56779MEDIUMMaxKB < 2.10.0 - Server-Side Request Forgery via downloadCallbackUrl and download_url ParametersEPSS 0.2%CVE-2025-25827MEDIUMA Server-Side Request Forgery (SSRF) in the component sort.php of Emlog Pro v2.5.4 allows attackers to scan local and internal ports via supEPSS 0.2%CVE-2026-7471LOWServer-Side Request Forgery (SSRF) in GitLabEPSS 0.2%CVE-2026-22358MEDIUMWordPress Electrician - Electrical Service WordPress theme <= 5.6 - Server Side Request Forgery (SSRF) vulnerabilityEPSS 0.2%CVE-2025-12832MEDIUMIBM InfoSphere Information Server Server-Side Request ForgeryEPSS 0.2%CVE-2026-29107MEDIUMSuiteCRM vulnerable to authenticated SSRF via PDF exportEPSS 0.2%CVE-2025-49985MEDIUMWordPress Auto Upload Images plugin <= 3.3.2 - Server Side Request Forgery (SSRF) VulnerabilityEPSS 0.2%CVE-2025-49983MEDIUMWordPress WPThumb plugin <= 0.10 - Server Side Request Forgery (SSRF) VulnerabilityEPSS 0.2%CVE-2025-49984MEDIUMWordPress PowerPress Podcasting plugin <= 11.13.11 - Server Side Request Forgery (SSRF) VulnerabilityEPSS 0.2%