Skip to main content

Breaking cybersecurity news

Vulnerability database

EU vulnerability data

Hands-on web security training

Security incidents database

Knowledge library

Analytics & trends

Follow us

Professional cybersecurity intelligence

Breaking cybersecurity news

Vulnerability database

EU vulnerability data

Hands-on web security training

Security incidents database

Knowledge library

Analytics & trends

Follow us

About Sources Sponsored Articles Status Legal Terms

v2.3.3•© 2026

Telegram Bluesky GitHub Contact

Return to CVE list

CVE-2024-27564

CVE-2024-27564

5.8

Medium

Published:5 Mar 2024

Last updated:17 Jun 2026

Source:cve@mitre.org

Modified

Weakness (CWE)

CWE-918Server-Side Request Forgery (SSRF)

CVSS Vector

v3.1

Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Changed
Confidentiality: Low
Integrity: None
Availability: None

View on MITRE Find PoC on GitHub

Description

pictureproxy.php in the dirk1983 mm1.ltd source code f9f4bbc allows SSRF via the url parameter. NOTE: the references section has an archived copy of pictureproxy.php from its original GitHub location, but the repository name might later change because it is misleading.

References

cve@mitre.org

https://github.com/dirk1983/chatgpt/issues/114

cve@mitre.org

https://web.archive.org/save/https://github.com/dirk1983/chatgpt/blob/f9f4bbc99eed7210b291ec116bd57b3d8276bee5/README.md

cve@mitre.org

https://web.archive.org/save/https://github.com/dirk1983/chatgpt/issues/114

cve@mitre.org

https://web.archive.org/web/20250320031248/https://mm1.ltd/

cve@mitre.org

https://web.archive.org/web/20250320032559/https://github.com/dirk1983/chatgpt/blob/f9f4bbc99eed7210b291ec116bd57b3d8276bee5/pictureproxy.php

af854a3a-2127-422b-91ae-364da2661108

https://github.com/dirk1983/chatgpt/issues/114