Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-918 (服务端请求伪造(SSRF)) — Vulnerability Class 1487

1487 vulnerabilities classified as CWE-918 (服务端请求伪造(SSRF)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2024-49336 IBM Security Guardium server-side request forgery — Security Guardium 6.5 Medium2024-12-19
CVE-2024-12801 SaxEventRecorder vulnerable to Server-Side Request Forgery (SSRF) attacks — logback 7.5 -2024-12-19
CVE-2024-12121 Broken Link Checker | Finder <= 2.5.0 - Authenticated (Author+) Blind Server-Side Request Forgery — Broken Link Checker | Finder 5.4 Medium2024-12-19
CVE-2024-52579 Server-Side Request Forgery vulnerability in various APIs in Misskey — misskey 6.4 Medium2024-12-18
CVE-2024-55089 Rhymix 安全漏洞 — Rhymix 4.1 Medium2024-12-18
CVE-2024-9624 WP All Import Pro <= 4.9.3 - Authenticated (Administrator+) Server-Side Request Forgery via File Import — WP All Import Pro 7.6 High2024-12-17
CVE-2024-54385 WordPress Radio Player plugin <= 2.0.83 - Server Side Request Forgery (SSRF) vulnerability — Radio Player 7.2 High2024-12-16
CVE-2024-54330 WordPress Hurrakify plugin <= 2.4 - Server Side Request Forgery (SSRF) vulnerability — Hurrakify 7.2 High2024-12-13
CVE-2024-11836 Server-side Request Forgery — PlexTrac 7.5 -2024-12-13
CVE-2024-54197 Server-Side Request Forgery in SAP NetWeaver Administrator (System Overview) — SAP NetWeaver Administrator(System Overview) 7.2 High2024-12-10
CVE-2024-47578 Multiple vulnerabilities in SAP NetWeaver AS for JAVA(Adobe Document Services) — SAP NetWeaver AS for JAVA (Adobe Document Services) 9.1 Critical2024-12-10
CVE-2024-48874 Ruijie Reyee OS Server-Side Request Forgery — Reyee OS 9.8 Critical2024-12-06
CVE-2024-6784 SSRF Server Side Request Forgery — ASPECT-Enterprise 9.9 Critical2024-12-05
CVE-2024-54000 Mobile Security Framework (MobSF) bypass of SSRF fix — Mobile-Security-Framework-MobSF 7.5 High2024-12-03
CVE-2024-53738 WordPress Asset CleanUp: Page Speed Booster plugin <=1.3.9.8 - Server Side Request Forgery (SSRF) vulnerability — Asset CleanUp: Page Speed Booster 4.4 Medium2024-11-30
CVE-2024-53983 Server-side request forgery in Backstage Scaffolder plugin — backstage 5.4 Medium2024-11-29
CVE-2024-32965 ssrf vulnerability in lobe-chat — lobe-chat 8.1 High2024-11-26
CVE-2024-6538 Openshift-console: openshift console: server-side request forgery 5.3 Medium2024-11-25
CVE-2024-9710 PostHog database_schema Server-Side Request Forgery Information Disclosure Vulnerability — PostHog 6.5 -2024-11-22
CVE-2024-11618 IPC Unigy Management System HTTP Request server-side request forgery — Unigy Management System 7.3 High2024-11-22
CVE-2021-38135 Possible External service interaction Vulnerability in OpenText iManager — iManager 8.6 High2024-11-22
CVE-2024-38645 Notes Station 3 — Notes Station 3 6.5 -2024-11-22
CVE-2024-10524 GNU Wget is vulnerable to an SSRF attack when accessing partially-user-controlled shorthand URLs — wget 6.5 Medium2024-11-19
CVE-2024-47208 Apache OFBiz: URLs allowing remote use of Groovy expressions, leading to RCE — Apache OFBiz 9.8AICriticalAI2024-11-18
CVE-2021-3742 Server-Side Request Forgery (SSRF) in chatwoot/chatwoot — chatwoot/chatwoot 5.4AIMediumAI2024-11-15
CVE-2024-5917 PAN-OS: Server-Side Request Forgery in WildFire — Cloud NGFW 5.3AIMediumAI2024-11-14
CVE-2024-49521 Adobe Commerce | Server-Side Request Forgery (SSRF) (CWE-918) — Adobe Commerce 7.7 High2024-11-12
CVE-2024-51785 WordPress Responsive Filterable Portfolio plugin <= 1.0.22 - Server Side Request Forgery (SSRF) vulnerability — Responsive Filterable Portfolio 4.4 Medium2024-11-09
CVE-2024-10814 Code Embed <= 2.5 - Authenticated (Contributor+) Server-Side Request Forgery — Code Embed 6.4 Medium2024-11-09
CVE-2024-51740 SSRF through arbitrary PHP class instantiation in the user portal in Combodo iTop — iTop 4.3 Medium2024-11-05

Vulnerabilities classified as CWE-918 (服务端请求伪造(SSRF)) represent 1487 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.