java-sec-code

This is an offensive tool for Java web applications. It is a collection of Java web common vulnerabilities and security code, based on Spring Boot and Spring Security. The repository contains various types of vulnerabilities, including actuators to RCE, command inject, CORS, CRLF injection, CSRF,...

dst-admin Code Injection Vulnerability

dst-admin is a web program written in Java by qinming99, an individual developer. A security vulnerability exists in dst-admin v1.5.0, which is caused by a Remote Command Execution RCE vulnerability in the parameter userId of the component /home/playerOperate...

Payatu ChatEngine SQL注入漏洞

ChatEngine is a Java web application by Winnie Liang Personal Developer. A security vulnerability exists in Payatu ChatEngine version v.1.0, which originates from a SQL injection issue in /src/chatbotapp/chatWindow.java...

dst-admin 命令注入漏洞

dst-admin is a web program written in Java by qinming99, an individual developer. A command injection vulnerability exists in dst-admin version 1.5.0, which stems from an unknown function in the file /home/cavesConsole, which can be injected with the parameter command...

dst-admin 命令注入漏洞

dst-admin is a web program written in Java by qinming99, an individual developer. A command injection vulnerability exists in dst-admin version 1.5.0, which stems from an unknown function in the file /home/sendBroadcast that can be injected via the parameter message...