Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-918

CWE-918

Server-Side Request Forgery (SSRF)

Parent: CWE-441 - Unintended Proxy or Intermediary ('Confused Deputy')

The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination.

2,742 vulnerabilities with CWE-918

CVE-2024-21893 HIGH KEV

Ivanti SAML - Server Side Request Forgery (SSRF)

CVE-2024-23838 HIGH

TrueLayer.NET < 1.6.0 - Server-Side Request Forgery via HttpClient URL Control

CVE-2024-23825 LOW

TablePress < 2.2.5 - Server-Side Request Forgery via Table Import URL Parameter

CVE-2024-1063 MEDIUM

Appwrite <= 1.4.13 - Server-Side Request Forgery via Favicon Endpoint

CVE-2024-22648 MEDIUM

SEO Panel 4.10.0 - Server-Side Request Forgery via Crawl Meta Data Functionality

CVE-2024-1021 MEDIUM

Rebuild < 3.5.5 - Server-Side Request Forgery via HTTP Request Handler readRawText Function

CVE-2024-0946 HIGH

60indexpage < 1.8.5 - Server-Side Request Forgery via URL Parameter in Parameter Handler

CVE-2024-0945 HIGH

60indexpage < 1.8.5 - Server-Side Request Forgery via URL Parameter in file.php

CVE-2024-22134 MEDIUM

Renzo Johnson Contact Form 7 Extension For Mailchimp <0.5.70 - SSRF

CVE-2024-23330 MEDIUM

Tutanota < 119.10 - Server-Side Request Forgery via HTML Email Image Loading

CVE-2024-22205 CRITICAL

Whoogle Search < 0.8.4 - Server-Side Request Forgery via Window Endpoint Location Parameter

CVE-2024-22203 CRITICAL

benbusby/whoogle_search < 0.8.4 - Server-Side Request Forgery via Unvalidated src_type and element_url Parameters

CVE-2024-0649 MEDIUM

ZhiHuiYun < 4.4.13 - Server-Side Request Forgery via Image Download URL Parameter

CVE-2024-22408 HIGH

Shopware Flow Builder - Server-Side Request Forgery via Webhook Action URL

CVE-2024-0601 MEDIUM

ZhongFuCheng3y Austin 1.0 - Server-Side Request Forgery via Email Message Template Handler

CVE-2024-0510 HIGH

HaoKeKeJi YiQiNiu < 3.1 - Server-Side Request Forgery via http_post URL Parameter

CVE-2024-0308 MEDIUM

inis < 2.0.1 - Server-Side Request Forgery via Proxy.php p_url Parameter

CVE-2024-0304 MEDIUM

Youke365 < 1.5.3 - Server-Side Request Forgery via collect.php URL Parameter

CVE-2024-0303 MEDIUM

Youke365 < 1.5.3 - Server-Side Request Forgery via caiji.php URL Parameter

CVE-2024-21642 HIGH

D-Tale < 3.9.0 - Server-Side Request Forgery via Load From the Web Input

CVE-2023-46945 CRITICAL

QD 20230821 - Server-Side Request Forgery

CVE-2023-53899 CRITICAL

PodcastGenerator 3.2.9 - Server-Side Request Forgery via Episode Upload Shortdesc Parameter

CVE-2023-53893 MEDIUM

Ateme TITAN File 3.9.12.4 - Authenticated Server-Side Request Forgery via Job Callback URL Parameter

CVE-2023-7325 CRITICAL

Anheng Mingyu Operation and Maintenance Audit and Risk Control Syst...

CVE-2023-48786 MEDIUM

Fortinet FortiClientEMS <7.4.3 - SSRF

Previous Page 68 of 110 Next

Details

Vulnerabilities 2,742

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy