漏洞描述
API管理系统存在未授权访问,攻击者可利用该漏洞造成用户信息泄露
API管理系统存在未授权访问
PoC代码
暂无相关漏洞推荐
- POC CVE-2019-11253: Kubernetes API Server - YAML Parsing DoS (Billion Laughs)
- POC CVE-2021-22175: GitLab CI Lint API - Server-Side Request Forgery
- POC ambassador-api-diagnostics-exposure: Ambassador API Gateway Diagnostics - Exposure
- POC CVE-2023-2734: MStore API <= 3.9.1 - Authentication Bypass
- POC CVE-2023-3277: MStore API <= 4.10.7 - Unauthorized Account Access and Privilege Escalation
- POC postrest-api-exposure: PostgREST API Server - Exposure
- docker-registry-api-unauth: docker registry api 未经批准
- wavlink-router-live-api-cgi-rce: WavLink Router Live API cgi RCE
- yapi-rce: Yapi RCE
- Docker Desktop Engine API 未授权访问漏洞
- WSO2 API Manager /carbon/generic/save_artifact_ajaxprocessor.jsp XML 外部实体注入漏洞(CVE-2020-24589)
- Richmail 邮件系统openapiservice 存在任意文件上传漏洞
- POC CVE-2019-18818: strapi CMS <3.0.0-beta.17.5 - Admin Password Reset