Tritium
Tritium
# Vulnerable File WebsiteGuide/settings.py (Line 23) ```python SECRET_KEY = 'm0r4*w5&)vm9b$rj4r-*-+b+!k^f^c=-vt^)+6m_-^qrg871^x' ``` # Vulnerability Type Hardcoded Cryptographic Key # Impact Attackers can: Forge JWT tokens with arbitrary user privileges (e.g., is_superuser=True)....
https://github.com/Tritium0041/Jrohy-trojan-RCE-POC There is a critical command injection (Remote Code Execution, RCE) vulnerability in the /trojan/log endpoint of the jrohy-trojan web interface. The issue arises because user input from the line...
# /api/config 接口鉴权缺失导致配置篡改漏洞 漏洞位置:gin-blog-server/internal/manager.go 中的 base.PATCH("/config", blogInfoAPI.UpdateConfig) 影响范围:未授权攻击者可任意修改网站核心配置 漏洞描述:UpdateConfig 接口被错误放置于无需鉴权的路由组 base 中,导致攻击者可直接构造请求篡改网站配置信息(如网站名称、备案号、评论审核开关等),可能引发数据污染、安全机制失效或服务中断。 攻击者可通过发送精心构造的 PATCH /api/config 请求,直接修改服务器配置,无需登录或权限验证。 POC(Proof of Concept): ```http PATCH /api/config HTTP/1.1 Host: localhost Content-Type: application/json Content-Length: 141 {...
# Affected Endpoint: go-chat/api/v1/file_controller.go→ GetFile # Description: This endpoint allows users to read arbitrary files on the web server. Due to the lack of input sanitization, it is vulnerable to...
https://github.com/xiaogao67/gin-cloud-storage/blob/master/controller/upload.go#L80 当文件名为../../../somefile.txt及类似的名字时 可能会导致文件被上传至预期之外的位置?