VYPR

CWE-918

Server-Side Request Forgery (SSRF)

Abstraction: Base
Status: Incomplete

Description

The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination.

Hierarchy (View 1000)

Parents

Children

none

Related attack patterns (CAPEC)

CAPEC-664

CVEs mapped to this weakness (1,583)

page 56 of 80
  • CVE-2026-4284 · Med · Mar 16, 2026
    risk 0.31 · cvss 4.7 · epss 0.00

    A vulnerability was determined in taoofagi easegen-admin up to 8f87936ac774065b92fb20aab55b274a6ea76433. This issue affects the function downloadFile of the file - yudao-module-digitalcourse/yudao-module-digitalcourse-biz/src/main/java/cn/iocoder/yudao/module/digitalcourse/util/P…

  • CVE-2026-3750 · Med · Mar 8, 2026
    risk 0.31 · cvss 4.7 · epss 0.00

    A security vulnerability has been detected in ContiNew Admin up to 4.2.0. This issue affects the function URI.create of the file continew-system/src/main/java/top/continew/admin/system/factory/S3ClientFactory.java of the component Storage Management Module. The manipulation…

  • CVE-2026-1884 · Med · Feb 4, 2026
    risk 0.31 · cvss 4.7 · epss 0.00

    A weakness has been identified in ZenTao up to 21.7.6-85642. The impacted element is the function fetchHook of the file module/webhook/model.php of the component Webhook Module. This manipulation causes server-side request forgery. The attack may be initiated remotely. The…

  • CVE-2026-0649 · Med · Jan 7, 2026
    risk 0.31 · cvss 4.7 · epss 0.00

    A security vulnerability has been detected in invoiceninja up to 5.12.38. The affected element is the function copy of the file /app/Jobs/Util/Import.php of the component Migration Import. The manipulation of the argument company_logo leads to server-side request forgery. It is…

  • CVE-2025-15414 · Med · Jan 1, 2026
    risk 0.31 · cvss 4.7 · epss 0.00

    A flaw has been found in go-sonic sonic up to 1.1.4. The affected element is the function FetchTheme of the file service/theme/git_fetcher.go of the component Theme Fetching API. Executing a manipulation of the argument uri can lead to server-side request forgery. The attack may…

  • CVE-2025-13281 · Med · Dec 14, 2025
    risk 0.31 · cvss 5.8 · epss 0.00

    A half-blind Server Side Request Forgery (SSRF) vulnerability exists in kube-controller-manager when using the in-tree Portworx StorageClass. This vulnerability allows authorized users to leak arbitrary information from unprotected endpoints in the control plane’s host network…

  • CVE-2025-14008 · Med · Dec 4, 2025
    risk 0.31 · cvss 4.7 · epss 0.00

    A flaw has been found in dayrui XunRuiCMS up to 4.7.1. This vulnerability affects unknown code of the file admin79f2ec220c7e.php?c=api&m=test_site_domain of the component Project Domain Change Test. This manipulation of the argument v causes server-side request forgery. It is…

  • CVE-2025-14004 · Med · Dec 4, 2025
    risk 0.31 · cvss 4.7 · epss 0.00

    A security flaw has been discovered in dayrui XunRuiCMS up to 4.7.1. Affected is an unknown function of the file /admind45f74adbd95.php?c=email&m=add of the component Email Setting Handler. Performing a manipulation results in server-side request forgery. Remote exploitation of…

  • CVE-2025-12058 · Med · Oct 29, 2025
    risk 0.31 · cvss n/a · epss 0.00

    The Keras.Model.load_model method, including when executed with the intended security mitigation safe_mode=True, is vulnerable to arbitrary local file loading and Server-Side Request Forgery (SSRF). This vulnerability stems from the way the StringLookup layer is handled during…

  • CVE-2025-11286 · Med · Oct 5, 2025
    risk 0.31 · cvss 4.7 · epss 0.00

    A vulnerability was determined in samanhappy MCPHub up to 0.9.10. This affects an unknown part of the file src/controllers/serverController.ts of the component MCPRouter Service. This manipulation of the argument baseUrl causes server-side request forgery. The attack may be…

  • CVE-2025-10765 · Med · Sep 21, 2025
    risk 0.31 · cvss 4.7 · epss 0.00

    A security flaw has been discovered in SeriaWei ZKEACMS up to 4.3. This vulnerability affects the function CheckPage/Suggestions in the library cms-v4.3\wwwroot\Plugins\ZKEACMS.SEOSuggestions\ZKEACMS.SEOSuggestions.dll of the component SEOSuggestions. Performing manipulation…

  • CVE-2025-10397 · Med · Sep 14, 2025
    risk 0.31 · cvss 4.7 · epss 0.00

    A vulnerability was identified in Magicblack MacCMS 2025.1000.4050. This affects an unknown part of the component API Handler. The manipulation of the argument cjurl leads to server-side request forgery. The attack can be initiated remotely. The exploit is publicly available and…

  • CVE-2025-9414 · Med · Aug 25, 2025
    risk 0.31 · cvss 4.7 · epss 0.00

    A vulnerability was found in kalcaddle kodbox 1.61. Affected by this vulnerability is an unknown functionality of the file /?explorer/upload/serverDownload of the component Download from Link Handler. Performing manipulation of the argument url results in server-side request…

  • CVE-2025-9402 · Med · Aug 25, 2025
    risk 0.31 · cvss 4.7 · epss 0.00

    A vulnerability was found in HuangDou UTCMS 9. This issue affects some unknown processing of the file app/modules/ut-frame/admin/update.php of the component Config Handler. Performing manipulation of the argument UPDATEURL results in server-side request forgery. The attack is…

  • CVE-2025-8678 · Med · Aug 22, 2025
    risk 0.31 · cvss 5.9 · epss 0.00

    The WP Crontrol plugin for WordPress is vulnerable to blind Server-Side Request Forgery in versions 1.17.0 to 1.19.1 via the 'wp_remote_request' function. This makes it possible for authenticated attackers, with Administrator-level access and above, to make web requests to…

  • CVE-2025-8520 · Med · Aug 4, 2025
    risk 0.31 · cvss 4.7 · epss 0.00

    A vulnerability classified as critical was found in givanz Vvveb up to 1.0.5. This vulnerability affects unknown code of the file /vadmin123/?module=editor/editor of the component Drag-and-Drop Editor. The manipulation of the argument url leads to server-side request forgery.…

  • CVE-2025-52967 · Med · Jun 23, 2025
    risk 0.31 · cvss 5.8 · epss 0.00

    gateway_proxy_handler in MLflow before 3.1.0 lacks gateway_path validation.

  • CVE-2022-29180 · Med · May 7, 2022
    risk 0.31 · cvss 5.9 · epss 0.01

    A vulnerability in which attackers could forge HTTP requests to manipulate the `charm` data directory to access or delete anything on the server. This has been patched and is available in release [v0.12.1](https://github.com/charmbracelet/charm/releases/tag/v0.12.1). We…

  • CVE-2022-24825 · Med · Apr 19, 2022
    risk 0.31 · cvss 5.8 · epss 0.01

    Smokescreen is a simple HTTP proxy that fogs over naughty URLs. The primary use case for Smokescreen is to prevent server-side request forgery (SSRF) attacks in which external attackers leverage the behavior of applications to connect to or scan internal infrastructure.…

  • CVE-2020-8226 · Med · Aug 17, 2020
    risk 0.31 · cvss 5.8 · epss 0.01

    A vulnerability exists in phpBB <v3.2.10 and <v3.3.1 which allowed remote image dimensions check to be used to SSRF.