CVE-2024-27564
- Source
- https://cve.org/CVERecord?id=CVE-2024-27564
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-27564.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2024-27564
- Withdrawn
- 2026-05-04T08:45:00.422386Z
- Published
- 2024-03-05T17:15:06.997Z
- Modified
- 2026-05-04T08:45:00.422386Z
- Severity
-
- 6.5 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N CVSS Calculator
- Summary
- [none]
- Details
-
pictureproxy.php in the dirk1983 mm1.ltd source code f9f4bbc allows SSRF via the url parameter. NOTE: the references section has an archived copy of pictureproxy.php from its original GitHub location, but the repository name might later change because it is misleading.
- References
-
- https://web.archive.org/save/https://github.com/dirk1983/chatgpt/blob/f9f4bbc99eed7210b291ec116bd57b3d8276bee5/README.md
- https://web.archive.org/save/https://github.com/dirk1983/chatgpt/issues/114
- https://web.archive.org/web/20250320031248/https://mm1.ltd/
- https://web.archive.org/web/20250320032559/https://github.com/dirk1983/chatgpt/blob/f9f4bbc99eed7210b291ec116bd57b3d8276bee5/pictureproxy.php
- https://github.com/dirk1983/chatgpt/issues/114