PartKeepr is an inventory management software designed primarily for electronic components.PartKeepr suffers from a server-side request forgery vulnerability, which stems from the fact that the ability to upload attachments using a URL when creating a part does not validate whether a request can be made to the local port, and can be exploited by an authenticated attacker to perform SSRF attacks to probe the server’s intranet resources.
CPE | Name | Operator | Version |
---|---|---|---|
partkeepr partkeepr | le | 1.4.0 |