-
We're receiving a Snyk high vulnerability error; please release the latest messageml-util version with this fix
```
Server-side Template Injection (SSTI) [High Severity]https://snyk.io/vuln/SNYK-JAVA-ORG…
```
-
Fill in the following information
- Which environment: the environment where the bug occurs [e.g. python/ssti]
- Host OS: operating system [e.g. Ubuntu]
- OS Version: operating system version [e.g. 18.04]
- Docker version: Docker version [e.g. Docker version 18.04.0-ce, build 3d…
-
Hello,
I was able to use reNgine a few days back, but today when I tried to log in, I am getting a "Server error 500" message. I tried to update reNgine and the update was successful but it didn't so…
-
**Describe the bug**
I have installed scant3r on different platforms (kali, windows, ubuntu..) and every time I try to run the script it does not start. It only shows me the beginning.
**To Reprod…
-
```
W13scan plugin traceback:
Running version: 2.2.0
Python version: 3.7.0
Operating system: Windows-10-10.0.19041-SP0
request raw:
GET /support/ 1.1
Host: download.10086.cn
User-Agent: Mozilla/5.…
```
-
```
W13scan plugin traceback:
Running version: 2.2.0
Python version: 3.8.7
Operating system: Linux-5.9.0-kali5-amd64-x86_64-with-glibc2.29
request raw:
GET /security-incident 1.1
Host: www.hackeron…
```
-
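Before submitting an issue, please check that your local vulhub is up to date; otherwise you may run into bugs that have since been fixed.
Fill in the following information
- Which environment: the environment where the bug occurs [e.g. python/ssti]
- Host OS: operating system [e.g. Ubuntu]
- OS Version: operating system version [e.g. 18.04]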
- Docker …
-
Check that features work as intended, check for security and basic functionality
- Local File Inclusion
- SQL Injection, SSTI, XSS (non-admins)
- Session or JWT forgery
https://flask.palletspr…
-
Is this relevant?
https://www.lanmaster53.com/2016/03/11/exploring-ssti-flask-jinja2-part-2/
https://twitter.com/_qll_/status/707714873774448640
If so, how can it be mitigated?
### Environmen…
-
Hello, I would like to ask: in Server Mode, is there a way to pass in cookies through the API?
If you already have this function, can you update the usage in the document?
Thank you very much for th…