VYPR

CWE-918

Server-Side Request Forgery (SSRF)

BaseIncomplete

Description

The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination.

Hierarchy (View 1000)

Parents

Children

none

Related attack patterns (CAPEC)

CAPEC-664

CVEs mapped to this weakness (1,583)

page 22 of 80
  • CVE-2025-11046HigSep 26, 2025
    risk 0.47cvss 7.3epss 0.00

    A security flaw has been discovered in Tencent WeKnora 0.1.0. This impacts the function testEmbeddingModel of the file /api/v1/initialization/embedding/test. The manipulation of the argument baseUrl results in server-side request forgery. The attack can be launched remotely. The…

  • CVE-2025-5005HigSep 9, 2025
    risk 0.47cvss 7.3epss 0.00

    A vulnerability was detected in Shanghai Lingdang Information Technology Lingdang CRM up to 8.6.5.4. This affects an unknown function of the file crm/WeiXinApp/dingtalk/index_event.php. The manipulation of the argument corpurl results in server-side request forgery. The attack…

  • CVE-2025-49430HigSep 9, 2025
    risk 0.47cvss 7.2epss 0.00

    Server-Side Request Forgery (SSRF) vulnerability in FWDesign Ultimate Video Player fwduvp allows Server Side Request Forgery.This issue affects Ultimate Video Player: from n/a through <= 10.1.

  • CVE-2025-53473HigJul 7, 2025
    risk 0.47cvss 7.3epss 0.00

    Server-side request forgery (SSRF) vulnerability exists n multiple versions of Nimesa Backup and Recovery, If this vulnerability is exploited, unintended requests may be sent to internal servers.

  • CVE-2025-49418HigJul 4, 2025
    risk 0.47cvss 7.2epss 0.00

    Server-Side Request Forgery (SSRF) vulnerability in TeconceTheme Allmart allmart-core allows Server Side Request Forgery.This issue affects Allmart: from n/a through <= 1.0.0.

  • CVE-2025-23172HigJun 19, 2025
    risk 0.47cvss 7.2epss 0.01

    The Versa Director SD-WAN orchestration platform includes a Webhook feature for sending notifications to external HTTP endpoints. However, the "Add Webhook" and "Test Webhook" functionalities can be abused by an authenticated user to send crafted HTTP requests to localhost. This…

  • CVE-2025-40595HigMay 14, 2025
    risk 0.47cvss 7.2epss 0.00

    A Server-side request forgery (SSRF) vulnerability has been identified in the SMA1000 Appliance Work Place interface. By using an encoded URL, a remote unauthenticated attacker could potentially cause the appliance to make requests to unintended location.

  • CVE-2025-20075HigFeb 18, 2025
    risk 0.47cvss 7.2epss 0.00

    Server-side request forgery (SSRF) vulnerability exists in FileMegane versions above 3.0.0.0 prior to 3.4.0.0. Executing arbitrary backend Web API requests could potentially lead to rebooting the services.

  • CVE-2024-54197HigDec 10, 2024
    risk 0.47cvss 7.2epss 0.00

    SAP NetWeaver Administrator(System Overview) allows an authenticated attacker to enumerate accessible HTTP endpoints in the internal network by specially crafting HTTP requests. On successful exploitation this can result in Server-Side Request Forgery (SSRF) which could have a…

  • CVE-2024-11618HigNov 22, 2024
    risk 0.47cvss 7.3epss 0.01

    A vulnerability classified as critical was found in IPC Unigy Management System 04.03.00.08.0027. Affected by this vulnerability is an unknown functionality of the component HTTP Request Handler. The manipulation leads to server-side request forgery. The attack can be launched…

  • CVE-2022-1751HigAug 17, 2024
    risk 0.47cvss 7.2epss 0.00

    The Skitter Slideshow plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 2.5.2 via the /image.php file. This makes it possible for unauthenticated attackers to make web requests to arbitrary locations originating from the web…

  • CVE-2024-6922MedJul 26, 2024
    risk 0.47cvss epss 0.30

    Automation Anywhere Automation 360 v21-v32 is vulnerable to Server-Side Request Forgery in a web API component. An attacker with unauthenticated access to the Automation 360 Control Room HTTPS service (port 443) or HTTP service (port 80) can trigger arbitrary web requests from…

  • CVE-2024-41668HigJul 23, 2024
    risk 0.47cvss 8.3epss 0.01

    The cBioPortal for Cancer Genomics provides visualization, analysis, and download of large-scale cancer genomics data sets. When running a publicly exposed proxy endpoint without authentication, cBioPortal could allow someone to perform a Server Side Request Forgery (SSRF)…

  • CVE-2024-38514HigJun 28, 2024
    risk 0.47cvss 7.4epss 0.02

    NextChat is a cross-platform ChatGPT/Gemini UI. There is a Server-Side Request Forgery (SSRF) vulnerability due to a lack of validation of the `endpoint` GET parameter on the WebDav API endpoint. This SSRF can be used to perform arbitrary HTTPS request from the vulnerable…

  • CVE-2024-34581HigJun 26, 2024
    risk 0.47cvss 7.3epss 0.00

    The W3C XML Signature Syntax and Processing (XMLDsig) specification, starting with 1.0, was originally published with a "RetrievalMethod is a URI ... that may be used to obtain key and/or certificate information" statement and no accompanying information about SSRF risks, and…

  • CVE-2024-33250HigMay 14, 2024
    risk 0.47cvss 7.2epss 0.01

    An issue in Open-Source Technology Committee SRS real-time video server RS/4.0.268(Leo) and SRS/4.0.195(Leo) allows a remote attacker to execute arbitrary code via a crafted request.

  • CVE-2024-31288HigApr 7, 2024
    risk 0.47cvss 7.2epss 0.00

    Server-Side Request Forgery (SSRF) vulnerability in RapidLoad RapidLoad Power-Up for Autoptimize.This issue affects RapidLoad Power-Up for Autoptimize: from n/a through 2.2.11.

  • CVE-2024-27775HigMar 28, 2024
    risk 0.47cvss 7.2epss 0.01

    SysAid before version 23.2.14 b18 - CWE-918: Server-Side Request Forgery (SSRF) may allow exposing the local OS user's NTLMv2 hash

  • CVE-2023-49159HigDec 15, 2023
    risk 0.47cvss 7.2epss 0.00

    Server-Side Request Forgery (SSRF) vulnerability in Elegant Digital Solutions CommentLuv.This issue affects CommentLuv: from n/a through 3.0.4.

  • CVE-2023-3025HigSep 16, 2023
    risk 0.47cvss 7.2epss 0.00

    The Dropbox Folder Share plugin for WordPress is vulnerable to Server-Side Request Forgery in versions up to, and including, 1.9.7 via the 'link' parameter. This can allow unauthenticated attackers to make web requests to arbitrary locations originating from the web application…