shadia0

4 exploits Active since Oct 2024
CVE-2025-45809 GITHUB MEDIUM python WORKING POC
litellm < 1.81.0 - SQL Injection via Key Parameter
SQL Injection vulnerability in BerriAI LiteLLM before 1.81.0 allows attackers to execute arbitrary commands via the key parameter to the "/key/block" and "/key/unblock" API endpoints.
CVSS 5.4
CVE-2024-51242 WRITEUP MEDIUM WRITEUP
eladmin < 2.7 - Server-Side Request Forgery via HTTP Body ip Parameter
A Server-Side Request Forgery (SSRF) vulnerability has been identified in eladmin 2.7 and earlier in ServerDeployController.java. The manipulation of the HTTP Body ip parameter leads to SSRF.
CVSS 6.5
CVE-2024-51243 WRITEUP HIGH WRITEUP
eladmin < 2.7 - Remote Code Execution via DeployController.java
The eladmin v2.7 and before contains a remote code execution (RCE) vulnerability that can control all application deployment servers of this management system via DeployController.java.
CVSS 7.2
CVE-2025-45809 WRITEUP MEDIUM WRITEUP
litellm < 1.81.0 - SQL Injection via Key Parameter
SQL Injection vulnerability in BerriAI LiteLLM before 1.81.0 allows attackers to execute arbitrary commands via the key parameter to the "/key/block" and "/key/unblock" API endpoints.
CVSS 5.4