CWE-918 (Server-Side Request Forgery (SSRF)) — Vulnerability Class 1481

1481 vulnerabilities classified as CWE-918 (Server-Side Request Forgery (SSRF)). AI Chinese analysis included.

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2022-2216 | Server-Side Request Forgery (SSRF) in ionicabizau/parse-url — ionicabizau/parse-url | 7.5 | - | 2022-06-27 |
| CVE-2022-1977 | WP Ultimate CSV Importer < 6.5.3 - Admin+ Blind SSRF — Import Export All WordPress Images, Users & Post Types | 6.5 | - | 2022-06-27 |
| CVE-2022-23080 | directus - SSRF which leads to internal port scan — directus | 5.0 | - | 2022-06-22 |
| CVE-2022-23071 | Recipes - SSRF on Import — recipes | 6.5 | - | 2022-06-19 |
| CVE-2022-29612 | SAP Host Agent code issue vulnerability — SAP NetWeaver, ABAP Platform and SAP Host Agent | - | - | 2022-06-14 |
| CVE-2022-28217 | SAP NetWeaver code issue vulnerability — SAP NetWeaver (EP Web Page Composer) | 6.5 | - | 2022-06-13 |
| CVE-2022-24969 | bypass of CVE-2021-25640 — Apache Dubbo | 6.1 | - | 2022-06-06 |
| CVE-2022-1285 | Server-Side Request Forgery (SSRF) in gogs/gogs — gogs/gogs | 8.2 | - | 2022-06-01 |
| CVE-2021-40186 | DNN CMS Server-Side Request Forgery (SSRF) — DNN Platform | 6.5 | Medium | 2022-05-31 |
| CVE-2022-29188 | Smokescreen SSRF via deny list bypass (square brackets) in Smokescreen — smokescreen | 5.3 | Medium | 2022-05-20 |
| CVE-2022-1784 | Server-Side Request Forgery (SSRF) in jgraph/drawio — jgraph/drawio | 7.5 | - | 2022-05-20 |
| CVE-2022-1767 | Server-Side Request Forgery (SSRF) in jgraph/drawio — jgraph/drawio | 7.5 | - | 2022-05-18 |
| CVE-2022-24856 | Server-Side Request Forgery in FlyteConsole — flyteconsole | 9.1 | Critical | 2022-05-17 |
| CVE-2022-1711 | Server-Side Request Forgery (SSRF) in jgraph/drawio — jgraph/drawio | 7.5 | - | 2022-05-17 |
| CVE-2022-1723 | Server-Side Request Forgery (SSRF) in jgraph/drawio — jgraph/drawio | 7.5 | - | 2022-05-17 |
| CVE-2022-1713 | SSRF on /proxy in jgraph/drawio — jgraph/drawio | 7.5 | - | 2022-05-16 |
| CVE-2022-1722 | SSRF in editor's proxy via IPv6 link-local address in jgraph/drawio — jgraph/drawio | 6.2 | - | 2022-05-16 |
| CVE-2022-1398 | External Media without Import <= 1.1.2 - Subscriber+ Blind SSRF — External Media without Import | 6.5 | - | 2022-05-16 |
| CVE-2022-1386 | Fusion Builder < 3.6.2 - Unauthenticated SSRF — Fusion Builder | 9.1 | - | 2022-05-16 |
| CVE-2022-1379 | URL Restriction Bypass in plantuml/plantuml — plantuml/plantuml | 10.0 | - | 2022-05-14 |
| CVE-2022-29180 | Charm vulnerable to server-side request forgery (SSRF) — charm | 5.9 | Medium | 2022-05-07 |
| CVE-2022-1592 | Server-Side Request Forgery in scout in clinical-genomics/scout — clinical-genomics/scout | 8.2 | - | 2022-05-05 |
| CVE-2022-1239 | HubSpot < 8.8.15 - Contributor+ Blind SSRF — HubSpot – CRM, Email Marketing, Live Chat, Forms & Analytics | 8.1 | - | 2022-05-02 |
| CVE-2021-36203 | Johnson Controls Metasys SCT Pro — Metasys System Configuration Tool (SCT) | 5.3 | Medium | 2022-04-22 |
| CVE-2022-24871 | Server-Side Request Forgery (SSRF) in Shopware — platform | 7.2 | High | 2022-04-20 |
| CVE-2022-24862 | Server-Side Request Forgery in Databasir — databasir | 7.7 | High | 2022-04-20 |
| CVE-2022-24825 | Smokescreen SSRF via deny list bypass — smokescreen | 5.8 | Medium | 2022-04-19 |
| CVE-2022-1037 | EXMAGE < 1.0.7 - Admin+ Blind SSRF — EXMAGE – WordPress Image Links | 8.8 | - | 2022-04-18 |
| CVE-2021-36202 | Metasys UI — Metasys | 8.4 | High | 2022-04-07 |
| CVE-2022-1213 | SSRF filter bypass port 80, 433 in livehelperchat/livehelperchat — livehelperchat/livehelperchat | 8.1 | - | 2022-04-05 |

Vulnerabilities classified as CWE-918 (Server-Side Request Forgery (SSRF)) represent 1481 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.