Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-918 (服务端请求伪造(SSRF)) — Vulnerability Class 1496

1496 vulnerabilities classified as CWE-918 (服务端请求伪造(SSRF)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2025-53461 WordPress Beaf Plugin <= 1.6.2 - Server Side Request Forgery (SSRF) Vulnerability — Beaf 4.4 Medium2025-09-22
CVE-2025-57943 WordPress Skimlinks Affiliate Marketing Tool plugin <= 1.3.1 - Server Side Request Forgery (SSRF) vulnerability — Skimlinks Affiliate Marketing Tool 4.4 Medium2025-09-22
CVE-2025-57984 WordPress MakeStories (for Google Web Stories) Plugin <= 3.0.4 - Server Side Request Forgery (SSRF) Vulnerability — MakeStories (for Google Web Stories) 4.4 Medium2025-09-22
CVE-2025-58005 WordPress DriCub Theme <= 2.9 - Server Side Request Forgery (SSRF) Vulnerability — DriCub 5.4 Medium2025-09-22
CVE-2025-58011 WordPress Content Mask plugin <= 1.8.5.2 - Server Side Request Forgery (SSRF) vulnerability — Content Mask 6.4 Medium2025-09-22
CVE-2025-36037 IBM webMethods Integration server-side request forgery — webMethods Integration 5.4 Medium2025-09-22
CVE-2025-10787 MuYuCMS Add Fiend Link index.html server-side request forgery — MuYuCMS 6.3 Medium2025-09-22
CVE-2025-10765 SeriaWei ZKEACMS SEOSuggestions ZKEACMS.SEOSuggestions.dll server-side request forgery — ZKEACMS 4.7 Medium2025-09-21
CVE-2025-10764 SeriaWei ZKEACMS Event Action System PendingTaskController.cs Edit server-side request forgery — ZKEACMS 6.3 Medium2025-09-21
CVE-2025-10760 Harness lookup_repo.go LookupRepo server-side request forgery — Harness 6.3 Medium2025-09-21
CVE-2025-26515 CVE-2025-26515 Server-Side Request Forgery Vulnerability in StorageGRID (formerly StorageGRID Webscale) — StorageGRID 7.5 High2025-09-19
CVE-2025-59344 AliasVault Vulnerable to Server-Side Request Forgery via Favicon Extraction — aliasvault 7.7 High2025-09-19
CVE-2025-59346 Dragonfly server-side request forgery vulnerability — dragonfly 4.6AIMediumAI2025-09-17
CVE-2025-9862 Ghost 6.0.6 - SSRF via oEmbed Bookmark — Ghost 7.5AIHighAI2025-09-17
CVE-2025-59437 node-ip 代码问题漏洞 — ip 3.2 Low2025-09-16
CVE-2025-59436 node-ip 代码问题漏洞 — ip 3.2 Low2025-09-16
CVE-2025-59155 hackmd-mcp server-side request forgery in HTTP transport mode — hackmd-mcp 9.1AICriticalAI2025-09-15
CVE-2025-10471 ZKEACMS MediaController.cs Proxy server-side request forgery — ZKEACMS 6.3 Medium2025-09-15
CVE-2025-58045 Dataease server-side request forgery via unfiltered DB2 JDBC ldap parameter — dataease 9.8AICriticalAI2025-09-15
CVE-2025-10453 PilotGaea Technologies|O'View MapServer - Server-Side Request Forgery — O'View MapServer 5.3 Medium2025-09-15
CVE-2025-10410 SourceCodester Link Status Checker index.php server-side request forgery — Link Status Checker 6.3 Medium2025-09-14
CVE-2025-10397 Magicblack MacCMS API server-side request forgery — MacCMS 4.7 Medium2025-09-14
CVE-2025-10395 Magicblack MacCMS Scheduled Task col_url server-side request forgery — MacCMS 4.7 Medium2025-09-14
CVE-2025-10393 miurla morphic HTTP Status Code 3xx advanced-search fetchHtml server-side request forgery — morphic 6.3 Medium2025-09-14
CVE-2025-10391 CRMEB OutAccountServices.php testOutUrl server-side request forgery — CRMEB 6.3 Medium2025-09-14
CVE-2025-10329 cdevroe unmark Marks.php server-side request forgery — unmark 6.3 Medium2025-09-12
CVE-2025-6454 Server-Side Request Forgery (SSRF) in GitLab — GitLab 8.5 High2025-09-12
CVE-2025-59055 InstantCMS vulnerable to Server-Side Request Forgery via package installer — icms2 4.7 Medium2025-09-11
CVE-2025-10211 yanyutao0402 ChanCMS getArticle CollectController server-side request forgery — ChanCMS 6.3 Medium2025-09-10
CVE-2025-7843 Auto Save Remote Images (Drafts) <= 1.0.9 - Authenticated (Contributor+) Server-Side Request Forgery — Auto Save Remote Images (Drafts) 6.4 Medium2025-09-10

Vulnerabilities classified as CWE-918 (服务端请求伪造(SSRF)) represent 1496 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.