Vulnerability Details CVE-2024-48107
SparkShop <=1.1.7 is vulnerable to server-side request forgery (SSRF). This vulnerability allows attacks to scan ports on the Intranet or local network where the server resides, attack applications running on the Intranet or local network, or read metadata on the cloud server.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 18.3%
CVSS Severity
CVSS v3 Score 6.5
References
Products affected by CVE-2024-48107
-
cpe:2.3:a:sparkshop:sparkshop:-
-
cpe:2.3:a:sparkshop:sparkshop:1.0.2
-
cpe:2.3:a:sparkshop:sparkshop:1.1.1
-
cpe:2.3:a:sparkshop:sparkshop:1.1.2
-
cpe:2.3:a:sparkshop:sparkshop:1.1.3
-
cpe:2.3:a:sparkshop:sparkshop:1.1.4
-
cpe:2.3:a:sparkshop:sparkshop:1.1.5
-
cpe:2.3:a:sparkshop:sparkshop:1.1.6
-
cpe:2.3:a:sparkshop:sparkshop:1.1.7