{"id":"CVE-2024-27564","details":"pictureproxy.php in the dirk1983 mm1.ltd source code f9f4bbc allows SSRF via the url parameter. NOTE: the references section has an archived copy of pictureproxy.php from its original GitHub location, but the repository name might later change because it is misleading.","modified":"2026-05-04T08:45:00.422386Z","published":"2024-03-05T17:15:06.997Z","withdrawn":"2026-05-04T08:45:00.422386Z","references":[{"type":"WEB","url":"https://web.archive.org/save/https://github.com/dirk1983/chatgpt/blob/f9f4bbc99eed7210b291ec116bd57b3d8276bee5/README.md"},{"type":"WEB","url":"https://web.archive.org/save/https://github.com/dirk1983/chatgpt/issues/114"},{"type":"WEB","url":"https://web.archive.org/web/20250320031248/https://mm1.ltd/"},{"type":"WEB","url":"https://web.archive.org/web/20250320032559/https://github.com/dirk1983/chatgpt/blob/f9f4bbc99eed7210b291ec116bd57b3d8276bee5/pictureproxy.php"},{"type":"REPORT","url":"https://github.com/dirk1983/chatgpt/issues/114"}],"affected":[{"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-27564.json","unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"2023-05-23"}]}]}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"}]}