SSTI误报率高 - Githubissues

w-digital-scanner / w13scan

Passive Security Scanner (被动式安全扫描器)

GNU General Public License v2.0

1.9k stars 360 forks source link

Closed HeartSleep closed 4 years ago

HeartSleep commented 4 years ago

SSTI误报有点高，乘法payload打过去，页面中有图片路径其中有刚好撞到乘法结果的数字就会产生误报

boy-hack commented 4 years ago

已修复，使用最新版