CWE-918 — Server-Side Request Forgery (SSRF)
2,382 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE.
CVEs classified under CWE-918 (page 23 of 48)
- CVE-2024-22219 | MEDIUM | CVSS 6.3 | EG 6.3 | 2024-08-15
  XML External Entity (XXE) vulnerability in Terminalfour 8.0.0001 through 8.3.18 and XML JDBC versions up to 1.0.4 allows authenticated users to submit malicious XML via unspecified features which could lead to various actions such as acces…
- CVE-2024-22262 | HIGH | CVSS 8.1 | EG 8.1 | 2024-04-16
  Applications that use UriComponentsBuilder to parse an externally provided URL (e.g. through a query parameter) AND perform validation checks on the host of the parsed URL may be vulnerable to an open redirect https://cwe.mitre.org/data/…
- CVE-2024-22329 | MEDIUM | CVSS 4.3 | EG 4.3 | 2024-04-17
  IBM WebSphere Application Server 8.5, 9.0 and IBM WebSphere Application Server Liberty 17.0.0.3 through 24.0.0.3 are vulnerable to server-side request forgery (SSRF). By sending a specially crafted request, an attacker could exploit this v…
- CVE-2024-22408 | HIGH | CVSS 7.6 | EG 7.6 | 2024-01-16
  Shopware is an open headless commerce platform. The implemented Flow Builder functionality in the Shopware application does not adequately validate the URL used when creating the “call webhook” action. This enables malicious users to p…
- CVE-2024-22648 | MEDIUM | CVSS 5.3 | EG 5.3 | 2024-01-30
  A Blind SSRF vulnerability exists in the "Crawl Meta Data" functionality of SEO Panel version 4.10.0. This makes it possible for remote attackers to scan ports in the local environment.
- CVE-2024-22873 | HIGH | CVSS 8.1 | EG 8.1 | 2024-02-26
  Tencent Blueking CMDB v3.2.x to v3.9.x was discovered to contain a Server-Side Request Forgery (SSRF) via the event subscription function (/service/subscription.go). This vulnerability allows attackers to access internal requests via a cra…
- CVE-2024-23330 | MEDIUM | CVSS 5.3 | EG 5.3 | 2024-01-23
  Tuta is an encrypted email service. In versions prior to 119.10, an attacker can attach an image in an HTML mail which is loaded from an external resource in the default setting, which should prevent loading of external resources. When display…
- CVE-2024-23336 | MEDIUM | CVSS 5.0 | EG 5.0 | 2024-05-01
  MyBB is a free and open source forum software. The default list of disallowed remote hosts does not contain the `127.0.0.0/8` block, which may result in a Server-Side Request Forgery (SSRF) vulnerability. The Configuration File's _Disallow…
- CVE-2024-2343 | MEDIUM | CVSS 6.4 | EG 6.4 | 2024-04-09
  The Avada | Website Builder For WordPress & WooCommerce theme for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 7.11.6 via the form_to_url_action function. This makes it possible for authentic…
- CVE-2024-23500 | HIGH | CVSS 7.7 | EG 7.7 | 2024-03-28
  Server-Side Request Forgery (SSRF) vulnerability in StellarWP Gutenberg Blocks by Kadence Blocks kadence-blocks. This issue affects Gutenberg Blocks by Kadence Blocks: from n/a through <= 3.2.19.
- CVE-2024-23654 | MEDIUM | CVSS 4.1 | EG 4.1 | 2024-02-21
  discourse-ai is the AI plugin for the open-source discussion platform Discourse. Prior to commit 94ba0dadc2cf38e8f81c3936974c167219878edd, interactions with different AI services are vulnerable to admin-initiated SSRF attacks. Versions of …
- CVE-2024-23761 | CRITICAL | CVSS 9.8 | EG 9.8 | 2024-02-12
  Server Side Template Injection in Gambio 4.9.2.0 allows attackers to run arbitrary code via a crafted Smarty email template.
- CVE-2024-23788 | HIGH | CVSS 8.1 | EG 9.1 | 2024-02-14
  Server-side request forgery vulnerability in Energy Management Controller with Cloud Services JH-RVB1 /JH-RV11 Ver.B0.1.9.1 and earlier allows a network-adjacent unauthenticated attacker to send an arbitrary HTTP request (GET) from the aff…
- CVE-2024-23825 | LOW | CVSS 3.0 | EG 3.0 | 2024-01-30
  TablePress is a table plugin for WordPress. For importing tables, TablePress makes external HTTP requests based on a URL that is provided by the user. That user input is filtered insufficiently, which makes it possible to send requests …
- CVE-2024-23838 | HIGH | CVSS 7.5 | EG 7.5 | 2024-01-30
  TrueLayer.NET is the .Net client for TrueLayer. The vulnerability could potentially allow a malicious actor to gain control over the destination URL of the HttpClient used in the API classes. For applications using the SDK, requests to un…
- CVE-2024-24028 | MEDIUM | CVSS 5.9 | EG 5.9 | 2024-03-21
  Server Side Request Forgery (SSRF) vulnerability in Likeshop before 2.5.7 allows attackers to view sensitive information via the avatar parameter in function UserLogic::updateWechatInfo.
- CVE-2024-24113 | HIGH | CVSS 8.8 | EG 8.8 | 2024-02-08
  xxl-job <= 2.4.1 has a Server-Side Request Forgery (SSRF) vulnerability, which allows low-privileged users to control the executor and achieve RCE.
- CVE-2024-24759 | CRITICAL | CVSS 9.3 | EG 9.3 | 2024-09-05
  MindsDB is a platform for building artificial intelligence from enterprise data. Prior to version 23.12.4.2, a threat actor can bypass the server-side request forgery protection on the whole website with DNS Rebinding. The vulnerability ca…
- CVE-2024-24806 | HIGH | CVSS 7.3 | EG 7.3 | 2024-02-07
  libuv is a multi-platform support library with a focus on asynchronous I/O. The `uv_getaddrinfo` function in `src/unix/getaddrinfo.c` (and its Windows counterpart `src/win/getaddrinfo.c`) truncates hostnames to 256 characters before calli…
- CVE-2024-24829 | MEDIUM | CVSS 4.3 | EG 4.3 | 2024-02-09
  Sentry is an error tracking and performance monitoring platform. Sentry’s integration platform provides a way for external services to interact with Sentry. One such integration, the Phabricator integration (maintained by Sentry) wit…
- CVE-2024-24888 | MEDIUM | CVSS 6.4 | EG 6.4 | 2024-04-02
  Server-Side Request Forgery (SSRF) vulnerability in StellarWP Gutenberg Blocks by Kadence Blocks kadence-blocks. This issue affects Gutenberg Blocks by Kadence Blocks: from n/a through <= 3.2.25.
- CVE-2024-25181 | CRITICAL | CVSS 9.1 | EG 9.1 | 2025-12-29
  A critical vulnerability has been identified in givanz VvvebJs 1.7.2, which allows both Server-Side Request Forgery (SSRF) and arbitrary file reading. The vulnerability stems from improper handling of user-supplied URLs in the "file_get_co…
- CVE-2024-25187 | HIGH | CVSS 8.6 | EG 8.6 | 2024-04-02
  Server Side Request Forgery (SSRF) vulnerability in 71cms v1.0.0 allows remote unauthenticated attackers to obtain sensitive information via getweather.html.
- CVE-2024-25294 | CRITICAL | CVSS 9.1 | EG 9.1 | 2024-03-20
  An SSRF issue in REBUILD v.3.5 allows a remote attacker to obtain sensitive information and execute arbitrary code via the FileDownloader.java, proxyDownload, URL parameters.
- CVE-2024-25738 | CRITICAL | CVSS 9.1 | EG 9.1 | 2024-05-22
  A Server-Side Request Forgery (SSRF) vulnerability in the /Upgrade/FixConfig route in Open Library Foundation VuFind 2.0 through 9.1 before 9.1.1 allows a remote attacker to overwrite local configuration files to gain access to the adminis…
- CVE-2024-25864 | CRITICAL | CVSS 9.1 | EG 9.1 | 2024-04-03
  Server Side Request Forgery (SSRF) vulnerability in Friendica versions after v.2023.12 allows a remote attacker to execute arbitrary code and obtain sensitive information via the fpostit.php component.
- CVE-2024-25915 | MEDIUM | CVSS 4.9 | EG 4.9 | 2024-02-23
  Server-Side Request Forgery (SSRF) vulnerability in Raaj Trambadia Pexels: Free Stock Photos. This issue affects Pexels: Free Stock Photos: from n/a through 1.2.2.
- CVE-2024-26476 | LOW | CVSS 3.5 | EG 3.5 | 2024-02-28
  An issue in open-emr before v.7.0.2 allows a remote attacker to escalate privileges via a crafted script to the formid parameter in the ereq_form.php component.
- CVE-2024-2663 | HIGH | CVSS 8.3 | EG 8.3 | 2024-04-30
  The ZD YouTube FLV Player plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 1.2.6 via the $_GET['image'] parameter. This makes it possible for unauthenticated attackers to make web requ…
- CVE-2024-27098 | MEDIUM | CVSS 6.4 | EG 6.4 | 2024-03-18
  GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Service Desk, licenses tracking and software auditing. An authenticated user can execute an SSRF-based attack using Arbitrary Object Instantiation. This i…
- CVE-2024-27347 | MEDIUM | CVSS 5.3 | EG 5.3 | 2024-04-22
  Server-Side Request Forgery (SSRF) vulnerability in Apache HugeGraph-Hubble. This issue affects Apache HugeGraph-Hubble: from 1.0.0 before 1.3.0. Users are recommended to upgrade to version 1.3.0, which fixes the issue.
- CVE-2024-27561 | HIGH | CVSS 8.1 | EG 9.1 | 2024-03-05
  A Server-Side Request Forgery (SSRF) in the installUpdateThemePluginAction function of WonderCMS v3.1.3 allows attackers to force the application to make arbitrary requests via injection of crafted URLs into the installThemePlugin paramete…
- CVE-2024-27563 | MEDIUM | CVSS 5.3 | EG 6.5 | 2024-03-05
  A Server-Side Request Forgery (SSRF) in the getFileFromRepo function of WonderCMS v3.1.3 allows attackers to force the application to make arbitrary requests via injection of crafted URLs into the pluginThemeUrl parameter.
- CVE-2024-27564 | MEDIUM | CVSS 5.8 | EG 9.0 | 2024-03-05
  pictureproxy.php in the dirk1983 mm1.ltd source code f9f4bbc allows SSRF via the url parameter. NOTE: the references section has an archived copy of pictureproxy.php from its original GitHub location, but the repository name might later ch…
- CVE-2024-27565 | CRITICAL | CVSS 9.8 | EG 9.8 | 2024-03-05
  A Server-Side Request Forgery (SSRF) in weixin.php of ChatGPT-wechat-personal commit a0857f6 allows attackers to force the application to make arbitrary requests.
- CVE-2024-27620 | HIGH | CVSS 7.5 | EG 7.5 | 2024-04-06
  An issue in Ladder v.0.0.1 thru v.0.0.21 allows a remote attacker to obtain sensitive information via a crafted request to the API.
- CVE-2024-27707 | MEDIUM | CVSS 4.3 | EG 4.3 | 2024-03-07
  Server Side Request Forgery (SSRF) vulnerability in hcengineering Huly Platform v.0.6.202 allows attackers to run arbitrary code via upload of a crafted SVG file.
- CVE-2024-27775 | HIGH | CVSS 7.2 | EG 7.2 | 2024-03-28
  SysAid before version 23.2.14 b18 - CWE-918: Server-Side Request Forgery (SSRF) may allow exposing the local OS user's NTLMv2 hash.
- CVE-2024-27898 | MEDIUM | CVSS 5.3 | EG 5.3 | 2024-04-09
  SAP NetWeaver application, due to insufficient input validation, allows an attacker to send a crafted request from a vulnerable web application targeting internal systems behind firewalls that are normally inaccessible to an attacker from …
- CVE-2024-27927 | MEDIUM | CVSS 6.5 | EG 6.5 | 2024-03-21
  RSSHub is an open source RSS feed generator. Prior to version 1.0.0-master.a429472, RSSHub allows remote attackers to use the server as a proxy to send HTTP GET requests to arbitrary targets and retrieve information in the internal network…
- CVE-2024-27949 | MEDIUM | CVSS 5.4 | EG 5.4 | 2024-03-01
  Server-Side Request Forgery (SSRF) vulnerability in Sirv CDN and Image Hosting Sirv sirv. This issue affects Sirv: from n/a through <= 7.2.0.
- CVE-2024-2796 | CRITICAL | CVSS 9.3 | EG 9.3 | 2024-04-18
  A server-side request forgery (SSRF) was discovered in the Akana API Platform in versions prior to and including 2022.1.3. Reported by Jakob Antonsson.
- CVE-2024-2827 | MEDIUM | CVSS 6.3 | EG 6.3 | 2024-03-22
  A vulnerability, which was classified as critical, has been found in lakernote EasyAdmin up to 20240315. This issue affects some unknown processing of the file /ureport/designer/saveReportFile. The manipulation leads to server-side request…
- CVE-2024-2828 | MEDIUM | CVSS 6.3 | EG 6.3 | 2024-03-22
  A vulnerability, which was classified as critical, was found in lakernote EasyAdmin up to 20240315. Affected is the function thumbnail of the file src/main/java/com/laker/admin/module/sys/controller/IndexController.java. The manipulation o…
- CVE-2024-28435 | MEDIUM | CVSS 5.4 | EG 5.4 | 2024-03-25
  The CRM platform Twenty version 0.3.0 is vulnerable to SSRF via file upload.
- CVE-2024-28668 | MEDIUM | CVSS 6.1 | EG 6.1 | 2024-03-13
  DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via the component /dede/mychannel_add.php.
- CVE-2024-28752 | CRITICAL | CVSS 9.3 | EG 9.3 | 2024-03-15
  An SSRF vulnerability using the Aegis DataBinding in versions of Apache CXF before 4.0.4, 3.6.3 and 3.5.8 allows an attacker to perform SSRF style attacks on webservices that take at least one parameter of any type. Users of other data bind…
- CVE-2024-29007 | HIGH | CVSS 7.3 | EG 7.3 | 2024-04-04
  The CloudStack management server and secondary storage VM could be tricked into making requests to restricted or random resources by means of following 301 HTTP redirects presented by external servers when downloading templates or ISOs. Us…
- CVE-2024-29021 | CRITICAL | CVSS 9.0 | EG 9.0 | 2024-04-18
  Judge0 is an open-source online code execution system. The default configuration of Judge0 leaves the service vulnerable to a sandbox escape via Server Side Request Forgery (SSRF). This allows an attacker with sufficient access to the Judg…
- CVE-2024-29028 | MEDIUM | CVSS 5.8 | EG 5.8 | 2024-04-19
  memos is a privacy-first, lightweight note-taking service. In memos 0.13.2, an SSRF vulnerability exists at the /o/get/httpmeta endpoint that allows unauthenticated users to enumerate the internal network and receive limited html values in json for…