Fallos del tipo CWE-918
2168 resultadosCVE-2023-2927MEDIUMJIZHICMS TemplateController.php index server-side request forgeryEPSS 0.9%CVE-2026-46372HIGHSillyTavern: SSRF in SearXNG Search Proxy via Unvalidated baseUrlEPSS 0.9%CVE-2023-48307LOWNextcloud Mail app vulnerable to Server-Side Request ForgeryEPSS 0.9%CVE-2024-5746HIGHA Server-Side Request Forgery vulnerability was identified in GitHub Enterprise Server that allowed an attacker with the Site Administrator EPSS 0.9%CVE-2023-29292MEDIUMServer Side Request Forgery (SSRF) in FedEx carrier integration configurationEPSS 0.9%CVE-2024-51980MEDIUMUnauthenticated Server Side Request Forgery (SSRF) via WS-Addressing affecting multiple models from Brother Industries, Ltd, FUJIFILM Business Innovation, Ricoh, Toshiba Tec, and Konica Minolta, Inc.EPSS 0.9%CVE-2024-51463MEDIUMIBM i server-side request forgeryEPSS 0.9%CVE-2021-37940—An information disclosure via GET request server-side request forgery vulnerability was discovered with the Workplace Search Github EnterpriEPSS 0.8%CVE-2020-15297HIGHInsufficient validation in the Bitdefender Update Server and BEST Relay components of Bitdefender Endpoint Security Tools versions prior to EPSS 0.8%CVE-2021-23029—On version 16.0.x before 16.0.1.2, insufficient permission checks may allow authenticated users with guest privileges to perform Server-SideEPSS 0.8%CVE-2025-54122CRITICALManager-io/Manager allows unauthenticated full read server-side request forgery in "proxy" endpointEPSS 0.8%CVE-2025-55139MEDIUMSSRF in Ivanti Connect Secure before 22.7R2.9 or 22.8R2, Ivanti Policy Secure before 22.7R1.6, Ivanti ZTA Gateway before 2.8R2.3-723 and IvaEPSS 0.8%CVE-2025-24354MEDIUMimgproxy is vulnerable to SSRF against 0.0.0.0EPSS 0.8%CVE-2022-37033MEDIUMIn dotCMS 5.x-22.06, TempFileAPI allows a user to create a temporary file based on a passed in URL, while attempting to block any SSRF accesEPSS 0.8%CVE-2023-5572CRITICALServer-Side Request Forgery (SSRF) in vriteio/vriteEPSS 0.8%CVE-2023-26431MEDIUMIPv4-mapped IPv6 addresses did not get recognized as "local" by the code and a connection attempt is made. Attackers with access to user accEPSS 0.8%CVE-2023-25753—Server-Side Request Forgery in Apache ShenYuEPSS 0.8%CVE-2022-46973CRITICALReport v0.9.8.6 was discovered to contain a Server-Side Request Forgery (SSRF) vulnerability.EPSS 0.8%CVE-2025-27651CRITICALVasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.862 Application 20.0.2014 allows Server-Side Request Forgery: ElatecEPSS 0.8%CVE-2025-27652CRITICALVasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.862 Application 20.0.2014 allows Server-Side Request Forgery: rfIDEAEPSS 0.8%