Critical severity9.1OSV Advisory· Published Mar 23, 2018· Updated Jun 17, 2026
CVE-2018-1000138
CVE-2018-1000138
Description
I, Librarian version 4.8 and earlier contains a SSRF vulnerability in "url" parameter of getFromWeb in functions.php that can result in the attacker abusing functionality on the server to read or update internal resources.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
23.0, 3.1, 3.2, …+ 1 more
- (no CPE)range: 3.0, 3.1, 3.2, …
- (no CPE)range: <=4.8
Patches
Vulnerability mechanics
References
2- github.com/mkucej/i-librarian/issues/120nvdExploitIssue TrackingThird Party Advisory
- github.com/mkucej/i-librarian/blob/9535753a84bc615b210802d4c9542db73368d984/functions.phpnvdThird Party Advisory
News mentions
0No linked articles in our index yet.