CWE-918 vulnerabilities

2,157 results
CVE-2022-35508 [CRITICAL] Proxmox Virtual Environment (PVE) and Proxmox Mail Gateway (PMG) are vulnerable to SSRF when proxying HTTP requests between pve(pmg)proxy an (EPSS 1.2%)
CVE-2021-21288 [MEDIUM] Server-side request forgery in CarrierWave (EPSS 1.2%)
CVE-2021-29475 [CRITICAL] PDF export allows arbitrary file reads (EPSS 1.2%)
CVE-2025-21177 [HIGH] Microsoft Dynamics 365 Sales Elevation of Privilege Vulnerability (EPSS 1.2%)
CVE-2022-46998 [CRITICAL] An issue in the website background of taocms v3.0.2 allows attackers to execute a Server-Side Request Forgery (SSRF). (EPSS 1.1%)
CVE-2024-29030 [MEDIUM] memos vulnerable to an SSRF in /api/resource (EPSS 1.1%)
CVE-2012-10018 [HIGH] Mapplic Lite and Mapplic <= (Various Versions) - Server Side Request Forgery to Cross-Site Scripting (EPSS 1.1%)
CVE-2023-49471 [HIGH] Blind Server-Side Request Forgery (SSRF) vulnerability in karlomikus Bar Assistant before version 3.2.0 does not validate a parameter before (EPSS 1.1%)
CVE-2024-34111 [MEDIUM] SSRF in service connector (EPSS 1.1%)
CVE-2024-10524 [MEDIUM] GNU Wget is vulnerable to an SSRF attack when accessing partially-user-controlled shorthand URLs (EPSS 1.1%)
CVE-2018-7516 A server-side request forgery vulnerability has been identified in Geutebruck G-Cam/EFD-2250 Version 1.12.0.4 and Topline TopFD-2125 Version (EPSS 1.1%)
CVE-2021-25939 [LOW] ArangoDB - Blind SSRF when Downloading Foxx Service from URL (EPSS 1.1%)
CVE-2024-32407 [HIGH] An issue in inducer relate before v.2024.1 allows a remote attacker to execute arbitrary code via a crafted payload to the Page Sandbox feat (EPSS 1.1%)
CVE-2020-17386 [MEDIUM] Cellopoint CelloOS - Server-Side Request Forgery (SSRF) (EPSS 1.1%)
CVE-2022-21697 [MEDIUM] SSRF vulnerability (requires authentication) (EPSS 1.1%)
CVE-2024-43394 [HIGH] Apache HTTP Server: SSRF on Windows due to UNC paths (EPSS 1.1%)
CVE-2022-38931 [HIGH] A Server-Side Request Forgery (SSRF) in fetch_net_file_upload function of baijiacmsV4 v4.1.4 allows remote attackers to force the applicatio (EPSS 1.1%)
CVE-2025-64525 [MEDIUM] Astro: URL manipulation via unsanitized headers leads to path-based middleware protections bypass, potential SSRF/cache-poisoning, CVE-2025-61925 bypass (EPSS 1.1%)
CVE-2023-25262 [HIGH] Stimulsoft GmbH Stimulsoft Designer (Web) 2023.1.3 is vulnerable to Server Side Request Forgery (SSRF). The Reporting Designer (Web) offers (EPSS 1.1%)
CVE-2024-29029 [MEDIUM] memos vulnerable to an SSRF in /o/get/image (EPSS 1.1%)