Falhas do tipo CWE-918
2.189 resultadosCVE-2025-45475MEDIUMmaccms10 v2025.1000.4047 is vulnerable to Server-Side request forgery (SSRF) in Friend Link Management.EPSS 0.3%CVE-2026-33401HIGHWallos: Incomplete fix for CVE-2026-30840 - SSRF in AI and notification endpoints bypass ssrf_helper.phpEPSS 0.3%CVE-2026-1857MEDIUMGutenberg Blocks with AI by Kadence WP <= 3.6.1 - Authenticated (Contributor+) Server-Side Request Forgery via 'endpoint' ParameterEPSS 0.3%CVE-2025-8341MEDIUMSSRF in Infinity Datasource PluginEPSS 0.3%CVE-2024-57252MEDIUMOtCMS <=V7.46 is vulnerable to Server-Side Request Forgery (SSRF) in /admin/read.php, which can Read system files arbitrarily.EPSS 0.3%CVE-2025-9821LOWSSRF via webhook functionEPSS 0.3%CVE-2023-48786MEDIUMA server-side request forgery vulnerability [CWE-918] in Fortinet FortiClientEMS version 7.4.0 through 7.4.2 and before 7.2.6 may allow an aEPSS 0.3%CVE-2026-33682MEDIUMStreamlit on Windows has Unauthenticated SSRF Vulnerability (NTLM Credential Exposure)EPSS 0.3%CVE-2026-31955MEDIUMXibo CMS has Authenticated Server-Side Request Forgery (SSRF) in Remote DataSet FunctionalityEPSS 0.3%CVE-2026-33399HIGHWallos: SSRF Bypass - Incomplete Fix for CVE-2026-30839/30840EPSS 0.3%CVE-2026-25528MEDIUMLangSmith Client SDK Affected by Server-Side Request Forgery via Tracing Header InjectionEPSS 0.3%CVE-2025-10471MEDIUMZKEACMS MediaController.cs Proxy server-side request forgeryEPSS 0.3%CVE-2026-26286HIGHSillyTavern has Server-Side Request Forgery (SSRF) via Asset Download Endpoint that Allows Reading Internal ServicesEPSS 0.3%CVE-2026-53927MEDIUMNocoDB: Server-Side Request Forgery via Spreadsheet Fetch URLEPSS 0.3%CVE-2026-12100HIGHURL Preview <= 1.0 - Unauthenticated Server-Side Request Forgery via 'url' ParameterEPSS 0.3%CVE-2026-49129MEDIUMMusic Player Daemon < 0.24.11 SSRF via CurlInputPluginEPSS 0.3%CVE-2025-22701MEDIUMWordPress Traveler Layout Essential For Elementor plugin < 1.4 - Server Side Request Forgery (SSRF) vulnerabilityEPSS 0.3%CVE-2025-10695MEDIUMOpenSupports 4.11.0 — SSRF via test imap and smtp endpointsEPSS 0.3%CVE-2026-27829MEDIUMAstro is vulnerable to SSRF due to missing allowlist enforcement in remote image inferSizeEPSS 0.3%CVE-2023-32337MEDIUMIBM Maximo Spatial Asset Management server-side request forgeryEPSS 0.3%