Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-918 (服务端请求伪造(SSRF)) — Vulnerability Class 1487

1487 vulnerabilities classified as CWE-918 (服务端请求伪造(SSRF)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2024-6095 SSRF and Partial LFI in /models/apply Endpoint in mudler/localai — mudler/localai 5.3AIMediumAI2024-07-06
CVE-2024-37208 WordPress WP Scraper plugin <= 5.7 - Server Side Request Forgery (SSRF) vulnerability — WP Scraper 4.9 Medium2024-07-06
CVE-2024-37260 WordPress Foxiz Theme theme <= 2.3.5 - Server Side Request Forgery (SSRF) vulnerability — Foxiz 7.2 High2024-07-06
CVE-2024-34361 Pi-hole Blind Server-Side Request Forgery (SSRF) vulnerability can lead to Remote Code Execution (RCE) — pi-hole 8.6 High2024-07-05
CVE-2024-39687 Fedify vulnerable to allowing access to internal network resources — fedify 7.2 High2024-07-05
CVE-2024-6524 ShopXO Uploader.php server-side request forgery — ShopXO 5.5 Medium2024-07-05
CVE-2024-37157 Discourse vulnerable to Server-Side Request Forgery via FastImage — discourse 6.4 Medium2024-07-03
CVE-2024-38472 Apache HTTP Server on WIndows UNC SSRF — Apache HTTP Server 7.5AIHighAI2024-07-01
CVE-2024-6424 Server-Side Request Forgery vulnerability in MESbook — MESbook 9.3 Critical2024-07-01
CVE-2023-50952 IBM InfoSphere Information Server server-side request forgery — InfoSphere Information Server 5.4 Medium2024-06-30
CVE-2024-38514 NextChat Server-Side Request Forgery (SSRF) — ChatGPT-Next-Web 7.4 High2024-06-28
CVE-2024-5736 SSRF in AdmirorFrames Joomla! Extension — AdmirorFrames 7.5AIHighAI2024-06-28
CVE-2024-5885 Server-Side Request Forgery (SSRF) in stangirard/quivr — stangirard/quivr 7.5AIHighAI2024-06-27
CVE-2024-5822 Server-Side Request Forgery (SSRF) in gaizhenbiao/ChuanhuChatGPT — gaizhenbiao/chuanhuchatgpt 7.5AIHighAI2024-06-27
CVE-2024-37098 WordPress BlossomThemes Email Newsletter plugin <= 2.2.6 - Server Side Request Forgery (SSRF) vulnerability — BlossomThemes Email Newsletter 4.4 Medium2024-06-26
CVE-2024-29173 Dell PowerProtect Data Domain 代码问题漏洞 — PowerProtect DD 6.8 Medium2024-06-26
CVE-2024-5015 WhatsUp Gold SessionControler Server-Side Request Forgery Information Disclosure Vulnerability — WhatsUp Gold 7.1 High2024-06-25
CVE-2024-5014 WhatsUp Gold GetASPReport Server-Side Request Forgery Information Disclosure — WhatsUp Gold 7.1 High2024-06-25
CVE-2023-45195 Adminer and AdminerEvo SSRF — Adminer 5.3AIMediumAI2024-06-24
CVE-2024-5746 GitHub Enterprise Server 安全漏洞 — GitHub Enterprise Server 7.6 High2024-06-20
CVE-2024-5021 WordPress Picture / Portfolio / Media Gallery <= 3.0.1 - Unauthenticated Server-Side Request Forgery — WordPress Picture / Portfolio / Media Gallery 9.3 Critical2024-06-19
CVE-2024-4404 ElementsKit PRO <= 3.6.1 - Authenticated (Contributor+) Server-Side Request Forgery — ElementsKit Pro 8.5 High2024-06-14
CVE-2024-37164 CVAT SSRF via custom cloud storage endpoints — cvat 7.1 High2024-06-13
CVE-2024-34111 SSRF in service connector — Adobe Commerce 6.5 Medium2024-06-13
CVE-2024-36414 SuiteCRM authenticated Server-Side Request Forgery — SuiteCRM 7.7 High2024-06-10
CVE-2024-4354 TablePress – Tables in WordPress made easy <= 2.3 - Authenticated (Author+) Server-Side Request Forgery via DNS Rebind — TablePress – Tables in WordPress made easy 6.4 Medium2024-06-07
CVE-2024-5328 SSRF Vulnerability in lunary-ai/lunary — lunary-ai/lunary 9.8AICriticalAI2024-06-06
CVE-2024-3149 SSRF in mintplex-labs/anything-llm — mintplex-labs/anything-llm 8.1AIHighAI2024-06-06
CVE-2024-4851 SSRF Vulnerability in stangirard/quivr — stangirard/quivr 9.1AICriticalAI2024-06-06
CVE-2024-3095 SSRF in Langchain Web Research Retriever in langchain-ai/langchain — langchain-ai/langchain 9.1AICriticalAI2024-06-06

Vulnerabilities classified as CWE-918 (服务端请求伪造(SSRF)) represent 1487 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.