-
Vulnerable Library - spring-boot-starter-thymeleaf-2.2.0.RELEASE.jar
Path to dependency file: /java/ssti/pom.xml
Found in HEAD commit: dbff3320673205dea2e0a4c513d54497ca905aab
## Vulnerabilitie…
-
os: win10
editor: vscode
terminal:gitbash on vscode's terminal
I have no any experience of pug/jade or css/scss. So I decide to type the example code
one by one to learn how to use this.
So,…
gkfnf updated
6 years ago
-
https://app.hackthebox.com/challenges/Templated
-
- [ ] T17: Do not only rely on client-side authorization (8)
- [ ] T19: Restrict Application's Access to Database (8)
- [ ] T36: Escape untrusted data in HTML, HTML attributes, CSS, and JavaScript (8)…
-
# CVE-2022-22954 VMware Workspace ONE Access Server-side Template Injection RCE - Y4er的博客
freemarker ssti
[https://y4er.com/post/cve-2022-22954-vmware-workspace-one-access-server-side-template-injec…
-
Hi, this is a request for writing a tsunami plugin for this CVE-2023-22527 which is a pre-auth RCE and I think we can implement it as a tsunami scanner plugin.
Ref: https://blog.projectdiscovery.io/a…
-
Hi
i didnt actually participate this ctf so i dont have any background information.
When i test the method you used to bypass the filter on my simple flask ssti docker, it didnt work.
i wonder is …
-
Write a guide on how to use the `ronin-vulns` command:
* `ronin-vulns lfi`
* `ronin-vulns open-redirect`
* `ronin-vulns xss`
* `ronin-vulns rfi`
* `ronin-vulns scan`
* `ronin-vulns sqli`
* `r…
-
你好,EzFlask/normal_ssti题目给的文件好像有点问题,看`Dockerfile`的文件内容,应该是少了`requirements.txt`以及`source`。
ca01h updated
3 years ago
-
- Which environment: 哪个环境出现BUG [e.g. all docker-compose.yml]
- Host OS: 操作系统 [e.g. Ubuntu]
- OS Version: 操作系统版本 [e.g. 24.04]
- Docker version: Docker 版本 [e.g. Docker version 27.1.2-ce, buil…