JoyChou93 java-sec-code issues

JoyChou93 / java-sec-code

Java web common vulnerabilities and security code which is base on springboot and spring security

2.42k stars 645 forks source link

issues

Newest

Newest Most commented Recently updated Oldest Least commented Least recently updated

Code cleanup

#39 matteobaccan closed 1 year ago
1
Bump spring-security-web from 4.2.12.RELEASE to 5.2.10.RELEASE

#38 dependabot[bot] closed 3 months ago
1
Bump commons-io from 2.5 to 2.7

#37 dependabot[bot] closed 3 months ago
1
jolokia/list访问不到

#36 HYWZ36 closed 3 years ago
1
Java 1.7/1.8 no CRLF vulns (test in Java 1.7/1.8)

#35 HYWZ36 closed 3 years ago
1
crlf injection is wrong

#34 HYWZ36 closed 3 years ago
1
Bump xstream from 1.4.10 to 1.4.16

#33 dependabot[bot] closed 3 years ago
1
自动化渗透获取token方法

#32 xx-zhang closed 3 years ago
0
文件上传中/file/目录下上传文件跳转页面不存在

#31 Xandrillite closed 3 years ago
0
关于Cookies部分意图的疑问

#30 R3col closed 3 years ago
2
Bump poi from 3.10-FINAL to 3.17

#29 dependabot[bot] closed 2 years ago
1
Bump xstream from 1.4.10 to 1.4.15

#28 dependabot[bot] closed 3 years ago
1
执行rm -rf /*之后系统不能用了

#27 canliture closed 3 years ago
1
Bump xstream from 1.4.10 to 1.4.13-java7

#26 dependabot[bot] closed 3 years ago
1
docker 环境mysql 连接报错 Public Key Retrieval is not allowed

#25 jax777 closed 1 year ago
3
MySQL commands to support running JavaSecCode

#24 dtpoirot closed 10 months ago
2
无法使用

#23 godzeo closed 4 years ago
5
Bump mysql-connector-java from 8.0.12 to 8.0.16

#22 dependabot[bot] closed 2 years ago
1
Bump log4j-core from 2.8.2 to 2.13.2

#21 dependabot[bot] closed 2 years ago
1
Bump commons-collections from 3.1 to 3.2.2

#20 dependabot[bot] closed 3 months ago
1
Bump dom4j from 2.1.0 to 2.1.3

#19 dependabot[bot] closed 3 months ago
1
新增两个文件操作相关的注意点

#18 leveryd closed 3 months ago
0
sync

#17 liergou9981 closed 4 years ago
0
bug fix

#16 liergou9981 closed 4 years ago
1
增加socket hook模块实现socket层拦截SSRF

#15 liergou9981 closed 4 years ago
0
目前针对DnsRebind的问题无法解决

#14 JoyChou93 closed 4 years ago
0
Jsonp的Referer拦截比较粗暴

#13 JoyChou93 closed 4 years ago
0
Bump dom4j from 2.1.0 to 2.1.1

#12 dependabot[bot] closed 4 years ago
1
Bump fastjson from 1.2.24 to 1.2.25

#11 dependabot[bot] closed 4 years ago
1
Bump xstream from 1.4.10 to 1.4.10-java7

#10 dependabot[bot] closed 5 years ago
1
Add more vulnerable code snippets about SQLi(mybatis) and XSS(reflect, stored)

#9 Anemone95 closed 5 years ago
1
add xxe

#8 JoyChou93 closed 5 years ago
0
fix bug 0.0.0.0 can bypass SSRFChecker

#7 waderwu closed 5 years ago
2
Springboot的Filter拦截器中使用@value获取值为null

#6 JoyChou93 closed 5 years ago
0
文件上传功能，跳转到upload页面路径错误。

#5 Ckmount closed 5 years ago
2
Add new CORS vulnerability example.

#4 lightless233 closed 6 years ago
0
Add new Java URL redirect vulnerability example.

#3 lightless233 closed 6 years ago
0
SSRF的代码感觉有些问题

#2 geekmc closed 6 years ago
3
ssrf这个怎么使用

#1 geekmc closed 6 years ago
0