-
It would be nice to have a plugin which tests for this vulnerability!
https://hawkinsecurity.com/2017/12/13/rce-via-spring-engine-ssti/
-
Thank you for your contributions!
-
There is a Server Side Template Injection in `/admin/menu-edit.php?action=submit`, which I'd like to discuss with the community to try and figure out a solution for.
### Background
- As an admin …
-
### Details
请帮我修复SSTI.java中的服务端模板注入漏洞
Checklist
- [X] Modify `src/main/java/org/joychou/controller/SSTI.java` ✓ https://github.com/alwaysgoodtime/java-sec-code/commit/78128faf08d2121175ef5e397b17d…
-
### **Summary**
StrongShop v1.0 has a vulnerability for Server-Side Template Injection (SSTI).The vulnerability allows attackers to inject malicious code into templates executed on the server by the …
-
### Details
Features: 请帮我修复SSTI.java文件中的模板注入漏洞
Checklist
- [X] Modify `src/main/java/org/joychou/controller/SSTI.java` ✓ https://github.com/alwaysgoodtime/java-sec-code/commit/89d1b972b7aa46ffec73…
-
### **Summary**
LiveHelperChat 4.28v has a vulnerability for Server-Side Template Injection (SSTI).
### **Details**
The normal logic is that LiveHelperChat should filter the `{{` and `}}` of the …
-
Hello creator, fantastic work!
Does this tool include a login feature for writing a file in case the provided URL is vulnerable? As a beginner bug-bounty hunter, I rely on this tool to automate SST…
-
in function 'anova' line 4
`Z̄ = mean(Z̄ᵢ)`
is wrong.
It must be
`Z̄ = sum(Z̄ᵢ .* Nᵢ) / sum(Nᵢ).`
As a result, function using 'anova', ie. `OneWayANOVATest`, `LeveneTest`, `FlignerKille…
-
ssti на вывести конфиг но слово конфиг запрещено
ну тут любой ребенок разберется
kumfc updated
4 years ago