Hello-Java-Sec issues

DocumentBuilder 快速的实现读取win系统文件，增加用户学习友好度

![image](https://user-images.githubusercontent.com/22064977/166087933-e041298b-f6ee-4340-b7e0-5e4041692361.png)

k4n5ha0

建议进一步增加水平越权

制作一个只有admin才能访问的接口，zhangwei的session不能访问对应的制作一个和上面功能一致但对用户session不进行任何判断的接口让学习者可以用bp测水平越权

k4n5ha0

编译后有个class文件报毒,RuntimeVul.class

1

D:\Hello-Java-Sec\target\classes\com\best\hello\controller\RCE\RuntimeVul.class (无法成功完成操作，因为文件包含病毒或潜在的垃圾软件。)

ghjkgf

change Dockerfile

update ``` FROM openjdk:8-jdk ADD ./target/javasec-1.11.jar app.jar ... ```

FlowerWitch

This PR was automatically created by Safer, an open-source tool that updates vulnerable dependencies with compatible and more secure versions. Analyzed commit: d33f7058cfb026155f36b0b595e467f3aebd8457 File updated: pom.xml Vulnerabilities reduced: 581 ->...

safer-bot

Safer - Compatible Updates to Fix Vulnerable Dependencies

Hi there 👋, I'm [Safer Bot](https://gitlab.com/lsi-ufcg/vulnerabilidades/safer)! Safer is an open-source tool that automatically updates vulnerable dependencies to more secure and compatible versions. Our goal is to help maintainers keep their...

safer-bot

Hello-Java-Sec
Hello-Java-Sec copied to clipboard

Metadata

DocumentBuilder 快速的实现读取win系统文件，增加用户学习友好度

建议进一步增加水平越权

Update application.properties

编译后有个class文件报毒,RuntimeVul.class

change Dockerfile

Updated pom.xml by Safer

Safer - Compatible Updates to Fix Vulnerable Dependencies

← Metadata

Owner

Metadata

Hello-Java-Sec Hello-Java-Sec copied to clipboard

Metadata

DocumentBuilder 快速的实现读取win系统文件，增加用户学习友好度

建议进一步增加水平越权

Update application.properties

编译后有个class文件报毒,RuntimeVul.class

change Dockerfile

Updated pom.xml by Safer

Safer - Compatible Updates to Fix Vulnerable Dependencies

← Metadata

Owner

Metadata

Hello-Java-Sec
Hello-Java-Sec copied to clipboard