9 matches found
EUVD-2025-19430
Malicious code in bioql PyPI...
CVE-2025-6774
The CVE-2025-6774 vulnerability affects the gooaclok819 sublinkX project (versions up to 1.8). The root cause is in AddTemp (api/template.go), where manipulating the filename parameter enables path traversal. This can potentially be exploited remotely, and public exploit information exists. A fix...
PT-2025-27253 · Sublinkx · Sublinkx
Name of the Vulnerable Software and Affected Versions: gooaclok819 sublinkX versions up to 1.8 Description: A critical issue has been found, affecting the function AddTemp of the file api/template.go. The manipulation of the argument filename leads to path traversal. This issue can be exploited...
sublinkX 路径遍历漏洞
sublinkX is an open source node subscription conversion and generation management system developed by Chen Hui. A path traversal vulnerability exists in sublinkX 1.8 and earlier versions, which stems from the incorrect operation of the parameter filename in the file api/template.go, resulting in...
CVE-2025-6669 gooaclok819 sublinkX jwt.go hard-coded key
A vulnerability was found in gooaclok819 sublinkX up to 1.8. It has been declared as problematic. This vulnerability affects unknown code of the file middlewares/jwt.go. The manipulation with the input sublink leads to use of hard-coded cryptographic key . The attack can be initiated remotely. Th...
CVE-2025-6669
The CVE-2025-6669 entry concerns gooaclok819 sublinkX (versions up to 1.8). The root cause is in the code path middlewares/jwt.go where the input (sublink) manipulation leads to using a hard-coded cryptographic key, enabling remote exploitation. Public-admitted exploit maturity is noted (PoC). Re...
CVE-2025-6669 gooaclok819 sublinkX jwt.go hard-coded key
A vulnerability was found in gooaclok819 sublinkX up to 1.8. It has been declared as problematic. This vulnerability affects unknown code of the file middlewares/jwt.go. The manipulation with the input sublink leads to use of hard-coded cryptographic key . The attack can be initiated remotely. Th...
PT-2025-26909 · Sublinkx · Sublinkx
Name of the Vulnerable Software and Affected Versions: gooaclok819 sublinkX versions up to 1.8 Description: A vulnerability was found in the unknown code of the file middlewares/jwt.go. The manipulation with the input sublink leads to the use of a hard-coded cryptographic key. The attack can be...
sublinkX 安全漏洞
sublinkX is an open source node subscription conversion generation management system by Chen Hui, an individual developer. A security vulnerability exists in sublinkX 1.8 and earlier versions, which stems from the use of hard-coded keys in the file middlewares/jwt.go...