CWE-918 (Server-Side Request Forgery (SSRF)) — Vulnerability Class 1487

1487 vulnerabilities classified as CWE-918 (Server-Side Request Forgery (SSRF)). AI Chinese analysis included.

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-9309 | SSRF in POST /worker_generate_stream API endpoint in haotian-liu/llava — haotian-liu/llava | 9.8 | - | 2025-03-20 |
| CVE-2024-8955 | SSRF in composiohq/composio — composiohq/composio | 7.5 | - | 2025-03-20 |
| CVE-2024-12775 | SSRF in langgenius/dify — langgenius/dify | 9.1 | - | 2025-03-20 |
| CVE-2024-11031 | SSRF in binary-husky/gpt_academic — binary-husky/gpt_academic | 7.5 | - | 2025-03-20 |
| CVE-2024-11822 | Server-Side Request Forgery (SSRF) in langgenius/dify — langgenius/dify | 7.5 | - | 2025-03-20 |
| CVE-2025-0188 | SSRF in gaizhenbiao/chuanhuchatgpt — gaizhenbiao/chuanhuchatgpt | 8.8 | - | 2025-03-20 |
| CVE-2024-7959 | SSRF in open-webui/open-webui — open-webui/open-webui | 9.8 | - | 2025-03-20 |
| CVE-2024-12068 | Server-Side Request Forgery in haotian-liu/llava — haotian-liu/llava | 7.5 | - | 2025-03-20 |
| CVE-2024-11449 | Server-Side Request Forgery in haotian-liu/llava — haotian-liu/llava | 9.8 | - | 2025-03-20 |
| CVE-2025-27774 | Applio allows SSRF and file write in model_download.py — Applio | 9.8 | - | 2025-03-19 |
| CVE-2025-27775 | Applio allows SSRF and file write in model_download.py — Applio | 9.8 | - | 2025-03-19 |
| CVE-2025-27776 | Applio allows SSRF and file write in model_download.py — Applio | 9.1 | - | 2025-03-19 |
| CVE-2025-27777 | Applio allows SSRF and file write in model_download.py — Applio | 7.5 | - | 2025-03-19 |
| CVE-2024-49822 | IBM QRadar Advisor server-side request forgery — QRadar Advisor with Watson | 4.1 | Medium | 2025-03-18 |
| CVE-2025-22474 | Dell SmartFabric OS10 code issue vulnerability — SmartFabric OS10 Software | 6.8 | Medium | 2025-03-17 |
| CVE-2024-13838 | Uncanny Automator – Easy Automation, Integration, Webhooks & Workflow Builder Plugin <= 6.2 - Authenticated (Admin+) Server-Side Request Forgery via Webhook — Uncanny Automator – Easy Automation, Integration, Webhooks & Workflow Builder Plugin | 5.5 | Medium | 2025-03-12 |
| CVE-2025-2192 | Stoque Zeev.it Login Page server-side request forgery — Zeev.it | 4.3 | Medium | 2025-03-11 |
| CVE-2025-27430 | Server Side Request Forgery (SSRF) in SAP CRM and SAP S/4 HANA (Interaction Center) — SAP CRM and SAP S/4HANA (Interaction Center) | 3.5 | Low | 2025-03-11 |
| CVE-2025-22603 | AutoGPT SSRF vulnerability — AutoGPT | 9.1 | - | 2025-03-10 |
| CVE-2025-2116 | Beijing Founder Electronics Founder Enjoys All-Media Acquisition and Editing System File Protocol imageProxy.do server-side request forgery — Founder Enjoys All-Media Acquisition and Editing System | 4.3 | Medium | 2025-03-09 |
| CVE-2024-13924 | Starter Templates by FancyWP <= 2.0.0 - Unauthenticated Blind Server-Side Request Forgery — Starter Templates by FancyWP | 5.3 | Medium | 2025-03-08 |
| CVE-2024-53696 | QuLog Center — QuLog Center | 4.9 | - | 2025-03-07 |
| CVE-2025-27152 | Possible SSRF and Credential Leakage via Absolute URL in axios Requests — axios | 10.0 | - | 2025-03-07 |
| CVE-2024-13857 | WPGet API <= 2.2.10 - Authenticated (Administrator+) Server-Side Request Forgery — WPGet API – Connect to any external REST API | 5.5 | Medium | 2025-03-07 |
| CVE-2024-13904 | Platform.ly for WooCommerce <= 1.1.6 - Unauthenticated Blind Server-Side Request Forgery — Platform.ly for WooCommerce | 5.3 | Medium | 2025-03-07 |
| CVE-2025-27600 | FastGPT SSRF — FastGPT | 7.5 | - | 2025-03-06 |
| CVE-2025-27501 | Server Side Request Forgery in Ziti Console — ziti-console | 8.6 | High | 2025-03-03 |
| CVE-2025-25303 | Server-Side Request Forgery (SSRF) in MouseTooltipTranslator — MouseTooltipTranslator | 8.1 | - | 2025-03-03 |
| CVE-2025-25301 | Rembg allows SSRF via /api/remove — rembg | 5.3 | - | 2025-03-03 |
| CVE-2025-1849 | zj1983 zz import_data_todb server-side request forgery — zz | 6.3 | Medium | 2025-03-03 |

Vulnerabilities classified as CWE-918 (Server-Side Request Forgery (SSRF)) represent 1487 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.