VYPR
High severity7.6NVD Advisory· Published Sep 2, 2022· Updated Jun 17, 2026

CVE-2022-31196

CVE-2022-31196

Description

Databasir is a database metadata management platform. Databasir <= 1.06 has Server-Side Request Forgery (SSRF) vulnerability. The SSRF is triggered by a sending a single HTTP POST request to create a databaseType. By supplying a jdbcDriverFileUrl that returns a non 200 response code, the url is executed, the response is logged (both in terminal and in database) and is included in the response. This would allow an attackers to obtain the real IP address and scan Intranet information. This issue was fixed in version 1.0.7.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Vran Dev/Databasirllm-fuzzy2 versions
    <=1.06+ 1 more
    • (no CPE)range: <=1.06
    • (no CPE)range: < 1.0.7

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.