Lucene search
+L

28 matches found

Hacker One
Hacker One
added 2022/12/20 4:40 p.m.21 views

GitHub Security Lab: [Go]: Add Beego.Input.RequestBody source to Beego framework

Vulnerability description not provided...

7.1AI score
Exploits0
Positive Technologies
Positive Technologies
added 2022/07/05 12:0 a.m.3 views

PT-2022-20952 · Beego · Beego

Name of the Vulnerable Software and Affected Versions: Beego versions 2.0.3 and below Description: The leafInfo.match function uses path.join to deal with wildcard values, which can lead to cross directory risk. This issue affects the Beego framework, potentially allowing unauthorized access to...

9.8CVSS9.2AI score0.01503EPSS
Exploits1References13
Cvelist
Cvelist
added 2022/05/21 12:0 a.m.26 views

CVE-2022-31259

The route lookup process in beego before 1.12.9 and 2.x before 2.0.3 allows attackers to bypass access control. When a /p1/p2/:name route is configured, attackers can access it by appending .xml in various places e.g., p1.xml instead of p1...

9.6AI score0.21573EPSS
Exploits1References4
CNNVD
CNNVD
added 2022/04/05 12:0 a.m.5 views

Beego 后置链接漏洞

Beego is an open source web framework based on the Go language. A backward linking vulnerability in the file profile.go in the function GetCPUProfile in Beego 2.0.2 and earlier versions allows attackers to locally launch a symbolic link attack...

7.8CVSS7.2AI score0.00432EPSS
Exploits1References4
CNNVD
CNNVD
added 2022/04/05 12:0 a.m.5 views

Beego 安全漏洞

Beego is an open source web framework based on the Go language. A security vulnerability existed prior to Beego 2.0.1 that stemmed from a route lookup process that allowed an attacker to bypass access control...

9.8CVSS8.3AI score0.0121EPSS
Exploits0References4
CNVD
CNVD
added 2021/02/04 12:0 a.m.5 views

Unauthorized Access Vulnerability in Beego Framework

beego is an application framework developed in Go. An unauthorized access vulnerability exists in the Beego framework, which can be exploited by an attacker to obtain sensitive information...

6.8AI score
Exploits0
CNVD
CNVD
added 2019/09/17 12:0 a.m.5 views

Beego File Session Manager Information Disclosure Vulnerability

Beego is an open source web framework based on the Go language . File Session Manager is one of the file Session Manager. An information disclosure vulnerability exists in File Session Manager in Beego version 1.10.0, which can be exploited by a local attacker to read session files...

5.5CVSS6AI score0.00362EPSS
Exploits1References1
CNVD
CNVD
added 2019/09/17 12:0 a.m.5 views

Beego File Session Manager Information Disclosure Vulnerability (CNVD-2019-32482)

Beego is an open source web framework based on the Go language . File Session Manager is one of the file Session Manager. An information disclosure vulnerability exists in File Session Manager in Beego version 1.10.0, which can be exploited by a local attacker to read session files...

4.7CVSS6AI score0.00199EPSS
Exploits0References1
Rows per page
Query Builder