9 matches found
EUVD-2025-19430
Malicious code in bioql PyPI...
CVE-2025-6774
The CVE-2025-6774 vulnerability affects the gooaclok819 sublinkX project (versions up to 1.8). The root cause is in AddTemp (api/template.go), where manipulating the filename parameter enables path traversal. This can potentially be exploited remotely, and public exploit information exists. A fix...
sublinkX 路径遍历漏洞
sublinkX is an open source node subscription conversion and generation management system developed by Chen Hui. A path traversal vulnerability exists in sublinkX 1.8 and earlier versions, which stems from the incorrect operation of the parameter filename in the file api/template.go, resulting in...
PT-2025-27253 · Sublinkx · Sublinkx
Name of the Vulnerable Software and Affected Versions: gooaclok819 sublinkX versions up to 1.8 Description: A critical issue has been found, affecting the function AddTemp of the file api/template.go. The manipulation of the argument filename leads to path traversal. This issue can be exploited...
CVE-2025-6669 gooaclok819 sublinkX jwt.go hard-coded key
A vulnerability was found in gooaclok819 sublinkX up to 1.8. It has been declared as problematic. This vulnerability affects unknown code of the file middlewares/jwt.go. The manipulation with the input sublink leads to use of hard-coded cryptographic key . The attack can be initiated remotely. Th...
CVE-2025-6669
The CVE-2025-6669 entry concerns gooaclok819 sublinkX (versions up to 1.8). The root cause is in the code path middlewares/jwt.go where the input (sublink) manipulation leads to using a hard-coded cryptographic key, enabling remote exploitation. Public-admitted exploit maturity is noted (PoC). Re...
CVE-2025-6669 gooaclok819 sublinkX jwt.go hard-coded key
A vulnerability was found in gooaclok819 sublinkX up to 1.8. It has been declared as problematic. This vulnerability affects unknown code of the file middlewares/jwt.go. The manipulation with the input sublink leads to use of hard-coded cryptographic key . The attack can be initiated remotely. Th...
PT-2025-26909 · Sublinkx · Sublinkx
Name of the Vulnerable Software and Affected Versions: gooaclok819 sublinkX versions up to 1.8 Description: A vulnerability was found in the unknown code of the file middlewares/jwt.go. The manipulation with the input sublink leads to the use of a hard-coded cryptographic key. The attack can be...
sublinkX 安全漏洞
sublinkX is an open source node subscription conversion generation management system by Chen Hui, an individual developer. A security vulnerability exists in sublinkX 1.8 and earlier versions, which stems from the use of hard-coded keys in the file middlewares/jwt.go...