summerxxoo/VulnPoc

Releases0

Stars1

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2024-55081 ↗	Dec 19, 2024Thursday, 19 December 2024, 17:15	9.8 CRITICAL	—
An XML External Entity (XXE) injection vulnerability in the component /datagrip/upload of Chat2DB v0.3.5 allows attackers to execute arbitrary code via supplying a crafted XML input.
CVE-2024-55082 ↗	Dec 19, 2024Thursday, 19 December 2024, 16:15	7.5 HIGH	—
A Server-Side Request Forgery (SSRF) in the endpoint http://{your-server}/url-to-pdf of Stirling-PDF 0.35.1 allows attackers to access sensitive information via a crafted request.