Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-918 (服务端请求伪造(SSRF)) — Vulnerability Class 1487

1487 vulnerabilities classified as CWE-918 (服务端请求伪造(SSRF)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2024-22205 Whoogle Search Server Side Request Forgery vulnerability — whoogle-search 9.1 Critical2024-01-23
CVE-2024-22203 Whoogle Search Server Side Request Forgery vulnerability — whoogle-search 9.1 Critical2024-01-23
CVE-2022-40700 Server Side Request Forgery (SSRF) vulnerability affecting multiple WordPress plugins — Montonio for WooCommerce 8.2 High2024-01-19
CVE-2023-32337 IBM Maximo Spatial Asset Management server-side request forgery — Maximo Spatial Asset Management 5.4 Medium2024-01-19
CVE-2024-0649 ZhiHuiYun Search ImageController.php download_network_image server-side request forgery — ZhiHuiYun 6.3 Medium2024-01-17
CVE-2024-22408 Server-Side Request Forgery (SSRF) in Shopware Flow Builder — shopware 7.6 High2024-01-16
CVE-2024-0601 ZhongFuCheng3y Austin Email Message Template AustinFileUtils.java getRemoteUrl2File server-side request forgery — Austin 6.3 Medium2024-01-16
CVE-2024-0510 HaoKeKeJi YiQiNiu Api.php http_post server-side request forgery — YiQiNiu 7.3 High2024-01-13
CVE-2024-0308 Inis Proxy.php server-side request forgery — Inis 6.3 Medium2024-01-08
CVE-2024-0304 Youke365 collect.php server-side request forgery — Youke365 6.3 Medium2024-01-08
CVE-2024-0303 Youke365 Parameter caiji.php server-side request forgery — Youke365 6.3 Medium2024-01-08
CVE-2023-51441 Apache Axis 1.x (EOL) may allow SSRF when untrusted input is passed to the service admin HTTP API — Apache Axis 8.7 -2024-01-06
CVE-2024-21642 D-Tale server-side request forgery through Web uploads — dtale 7.5 High2024-01-05
CVE-2023-51676 WordPress Happy Addons for Elementor Plugin <= 3.9.1.1 is vulnerable to Server Side Request Forgery (SSRF) — Happy Addons for Elementor 4.9 Medium2023-12-29
CVE-2023-7078 Server-Side Request Forgery (SSRF) in Miniflare — miniflare 7.5 High2023-12-29
CVE-2023-51665 Audiobookshelf vulnerable to Blind SSRF in `Auth.js` — audiobookshelf 4.3 Medium2023-12-27
CVE-2023-51697 Audiobookshelf vulnerable to Blind SSRF in `podcastUtils.js` — audiobookshelf 4.3 Medium2023-12-27
CVE-2023-51451 SSRF in symbolicator via invalid protocol — symbolicator 4.3 Medium2023-12-22
CVE-2023-50731 MindsDB has arbitrary file write in file.py — mindsdb 9.1 Critical2023-12-22
CVE-2023-50714 The Oauth2 PKCE implementation is vulnerable — yii2-authclient 6.8 Medium2023-12-22
CVE-2023-50259 Blind SSRF in /home/testslack endpoint — Medusa 5.3 Medium2023-12-22
CVE-2023-50258 Blind SSRF in `/home/testdiscord` endpoint — Medusa 5.3 Medium2023-12-22
CVE-2023-7037 automad FileController.php import server-side request forgery — automad 6.3 Medium2023-12-21
CVE-2023-6974 Server-Side Request Forgery (SSRF) — mlflow/mlflow 9.8 -2023-12-20
CVE-2022-40312 WordPress GiveWP Plugin <= 2.25.1 is vulnerable to Server Side Request Forgery (SSRF) — GiveWP – Donation Plugin and Fundraising Platform 5.5 Medium2023-12-18
CVE-2023-6853 kalcaddle KodExplorer app.php index server-side request forgery — KodExplorer 6.3 Medium2023-12-16
CVE-2023-6852 kalcaddle KodExplorer app.php server-side request forgery — KodExplorer 6.3 Medium2023-12-16
CVE-2023-6849 kalcaddle kodbox app.php cover server-side request forgery — kodbox 7.3 High2023-12-16
CVE-2023-50266 Bazarr Blind Server-Side Request Forgery (SSRF) in the /test/<protocol>/ endpoint — bazarr 5.3 Medium2023-12-15
CVE-2023-49159 WordPress CommentLuv Plugin <= 3.0.4 is vulnerable to Server Side Request Forgery (SSRF) — CommentLuv 7.2 High2023-12-15

Vulnerabilities classified as CWE-918 (服务端请求伪造(SSRF)) represent 1487 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.