CWE-918 (Server-Side Request Forgery (SSRF)) — Vulnerability Class 1487

1487 vulnerabilities classified as CWE-918 (Server-Side Request Forgery (SSRF)). AI Chinese analysis included.

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-51665 | WordPress Magical Addons For Elementor plugin <= 1.2.1 - Server Side Request Forgery (SSRF) vulnerability — Magical Addons For Elementor | 4.9 | Medium | 2024-11-04 |
| CVE-2024-49312 | WordPress Edwiser Bridge plugin <= 3.0.7 - Server Side Request Forgery (SSRF) vulnerability — Edwiser Bridge | 4.9 | Medium | 2024-10-17 |
| CVE-2012-10018 | Mapplic Lite and Mapplic <= (Various Versions) - Server Side Request Forgery to Cross-Site Scripting — Mapplic Lite | 8.3 | High | 2024-10-16 |
| CVE-2024-47830 | Plane allows server side request forgery via /_next/image endpoint — plane | 9.3 | Critical | 2024-10-11 |
| CVE-2024-45317 | SonicWALL SMA1000 code issue vulnerability — SMA1000 | 7.5 (AI) | High (AI) | 2024-10-11 |
| CVE-2024-47167 | SSRF in the path parameter of /queue/join in Gradio — gradio | 9.8 (AI) | Critical (AI) | 2024-10-10 |
| CVE-2024-8977 | Server-Side Request Forgery (SSRF) in GitLab — GitLab | 8.2 | High | 2024-10-10 |
| CVE-2024-45119 | Adobe Commerce \| Server-Side Request Forgery (SSRF) (CWE-918) — Adobe Commerce | 4.9 | Medium | 2024-10-10 |
| CVE-2024-47008 | Ivanti Avalanche security vulnerability — Avalanche | 7.5 | High | 2024-10-08 |
| CVE-2024-9410 | Ada.cx SSRF via Sentry Misconfiguration — Ada.cx Sentry Component | 5.3 | Medium | 2024-10-04 |
| CVE-2024-45843 | Weak SSRF Filtering — Mattermost | 3.1 | Low | 2024-09-26 |
| CVE-2024-47066 | Lobe Chat has insufficient fix for GHSA-mxhq-xw3g-rphc (CVE-2024-32964) — lobe-chat | 9.0 | Critical | 2024-09-23 |
| CVE-2024-43989 | WordPress Justified Image Grid plugin <= 4.6.1 - Unauthenticated Server Side Request Forgery (SSRF) vulnerability — Justified Image Grid | 7.5 | High | 2024-09-22 |
| CVE-2022-25777 | Server-Side Request Forgery in Asset section — Mautic | 6.5 | Medium | 2024-09-18 |
| CVE-2024-38183 | GroupMe Elevation of Privilege Vulnerability — GroupMe | 9.8 | Critical | 2024-09-17 |
| CVE-2024-6587 | SSRF in berriai/litellm — berriai/litellm | 8.1 (AI) | High (AI) | 2024-09-13 |
| CVE-2024-8635 | Server-Side Request Forgery (SSRF) in GitLab — GitLab | 7.7 | High | 2024-09-12 |
| CVE-2021-38132 | Possible External service interaction Vulnerability — eDirectory | 5.3 | Medium | 2024-09-12 |
| CVE-2024-24759 | MindsDB Vulnerable to Bypass of SSRF Protection with DNS Rebinding — mindsdb | 9.3 | Critical | 2024-09-05 |
| CVE-2024-45507 | Apache OFBiz: Prevent use of URLs in files when loading them from Java or Groovy, leading to a RCE — Apache OFBiz | 9.8 (AI) | Critical (AI) | 2024-09-04 |
| CVE-2024-43371 | Potential access to sensitive URLs via CKAN extensions (SSRF) — ckan | 4.5 | Medium | 2024-08-21 |
| CVE-2024-43379 | TruffleHog has a Blind SSRF in some Detectors — trufflehog | 3.4 | Low | 2024-08-19 |
| CVE-2022-1751 | Skitter Slideshow <= 2.5.2 - Unauthenticated Server-Side Request Forgery — Skitter Slideshow | 7.2 | High | 2024-08-17 |
| CVE-2024-7743 | wanglongcn ltcms API Endpoint downloadUrl server-side request forgery — ltcms | 7.3 | High | 2024-08-13 |
| CVE-2024-7742 | wanglongcn ltcms API Endpoint multiDownload server-side request forgery — ltcms | 7.3 | High | 2024-08-13 |
| CVE-2024-7740 | wanglongcn ltcms API Endpoint download server-side request forgery — ltcms | 7.3 | High | 2024-08-13 |
| CVE-2024-38109 | Azure Health Bot Elevation of Privilege Vulnerability — Azure Health Bot | 9.1 | Critical | 2024-08-13 |
| CVE-2024-41737 | Server-Side Request Forgery (SSRF) in SAP CRM ABAP (Insights Management) — SAP CRM ABAP (Insights Management) | 5.0 | Medium | 2024-08-13 |
| CVE-2024-42467 | CometVisu Backend for openHAB affected by SSRF/XSS — openhab-webui | 10.0 | Critical | 2024-08-09 |
| CVE-2024-6522 | Modern Events Calendar <= 7.12.1 - Authenticated (Subscriber+) Server Side Request Forgery — Modern Events Calendar | 8.5 | High | 2024-08-07 |

Vulnerabilities classified as CWE-918 (Server-Side Request Forgery (SSRF)) represent 1487 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.