cvedb.io
CVE-2024-48107
MEDIUM · CVSS 6.5
EPSS exploitation probability: 0%
Published 2024-10-28T21:15:09.453 · Last modified 2026-06-17T07:58:12.383

Summary

SparkShop <=1.1.7 is vulnerable to server-side request forgery (SSRF). This vulnerability allows attacks to scan ports on the Intranet or local network where the server resides, attack applications running on the Intranet or local network, or read metadata on the cloud server.

Affected products

sparkshop — sparkshop

Does this affect you?

Add your gear to cvedb and we'll alert you only when sparkshop ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.