exploit-CVE-2023-23752 icon indicating copy to clipboard operation
exploit-CVE-2023-23752 copied to clipboard
verified publisher icon Acceis

Remove trailing forward slash

Open sdushantha opened this issue 8 months ago • 0 comments

Many users may copy the URL from their web browser which results in the URL containing a trailing forward slash. If this is included in the URL when making the request to the API endpoints the correct data wont be returned.

Before

$ ruby exploit.rb http://example.com/
exploit.rb:71:in `parse_users': undefined method `each' for nil (NoMethodError)

  data.each do |user|
      ^^^^^
        from exploit.rb:85:in `display_users'
        from exploit.rb:135:in `<main>'

After

$ ruby exploit.rb http://example.com/
Users
[649] bob (bob) - [email protected] - Super Users

<SNIP>

sdushantha avatar Apr 29 '25 07:04 sdushantha