Falhas do tipo CWE-918

2.182 resultados
CVE-2025-8084MEDIUMAI Engine <= 3.1.8 - Authenticated (Editor+) Server-Side Request ForgeryEPSS 0.4%CVE-2026-48818HIGHStarlette: SSRF and NTLM credential theft via UNC paths in StaticFiles on WindowsEPSS 0.4%CVE-2024-2049MEDIUMServer-Side Request Forgery (SSRF)EPSS 0.4%CVE-2025-3787MEDIUMPbootCMS Image server-side request forgeryEPSS 0.4%CVE-2024-53983MEDIUMServer-side request forgery in Backstage Scaffolder pluginEPSS 0.4%CVE-2024-4354MEDIUMTablePress – Tables in WordPress made easy <= 2.3 - Authenticated (Author+) Server-Side Request Forgery via DNS RebindEPSS 0.4%CVE-2021-3742HIGHServer-Side Request Forgery (SSRF) in chatwoot/chatwootEPSS 0.4%CVE-2026-33226HIGHBudibase Unrestricted Server-Side Request Forgery (SSRF) via REST Datasource Query PreviewEPSS 0.4%CVE-2025-27501HIGHServer Side Request Forgery in Ziti ConsoleEPSS 0.4%CVE-2026-5737MEDIUMIndependent Analytics <= 2.14.9 - Unauthenticated Server-Side Request Forgery via Tracking RouteEPSS 0.4%CVE-2024-22408HIGHServer-Side Request Forgery (SSRF) in Shopware Flow BuilderEPSS 0.4%CVE-2025-2691HIGHVersions of the package nossrf before 1.0.4 are vulnerable to Server-Side Request Forgery (SSRF) where an attacker can provide a hostname thEPSS 0.4%CVE-2026-1062MEDIUMxiweicheng TMS HtmlUtil.java summary server-side request forgeryEPSS 0.4%CVE-2025-29457HIGHAn issue in MyBB 1.8.38 allows a remote attacker to obtain sensitive information via the Import a Theme function. NOTE: the Supplier disputeEPSS 0.4%CVE-2025-29458HIGHAn issue in MyBB 1.8.38 allows a remote attacker to obtain sensitive information via the Change Avatar function. NOTE: the Supplier disputesEPSS 0.4%CVE-2025-29459HIGHAn issue in MyBB 1.8.38 allows a remote attacker to obtain sensitive information via the Mail function. NOTE: the Supplier disputes this becEPSS 0.4%CVE-2023-23684MEDIUMWordPress WPGraphQL Plugin <= 1.14.5 is vulnerable to Server Side Request Forgery (SSRF)EPSS 0.4%CVE-2025-50199HIGHChamilo: Blind Server-Side Request Forgery (Unauth Blind SSRF)EPSS 0.4%CVE-2025-65784MEDIUMInsecure permissions in Hubert Imoveis e Administracao Ltda Hub v2.0 1.27.3 allows authenticated attackers with low-level privileges to acceEPSS 0.4%CVE-2026-3125HIGHSSRF vulnerability in opennextjs-cloudflare via /cdn-cgi/ path normalization bypassEPSS 0.4%