漏洞描述
go-admin(又名 GO Admin)2.0.12 使用字符串 go-admin 作为生产 JWT 密钥。
GO Admin权限绕过(CVE-2022-42980)
PoC代码
暂无相关漏洞推荐
- hue-default-credential: Cloudera Hue Default Admin Login
- POC CVE-2005-3344: Horde Groupware Unauthenticated Admin Access
- POC CVE-2007-5728: phpPgAdmin <=4.1.1 - Cross-Site Scripting
- POC CVE-2008-5587: phpPgAdmin <=4.2.1 - Local File Inclusion
- POC CVE-2009-1151: PhpMyAdmin Scripts - Remote Code Execution
- POC CVE-2011-4926: Adminimize 1.7.22 - Cross-Site Scripting
- POC CVE-2015-2794: DotNetNuke 07.04.00 - Administration Authentication Bypass
- POC CVE-2015-2863: Kaseya Virtual System Administrator - Open Redirect
- POC CVE-2015-4127: WordPress Church Admin <0.810 - Cross-Site Scripting
- POC CVE-2016-1000126: WordPress Admin Font Editor <=1.8 - Cross-Site Scripting
- POC CVE-2016-1000138: WordPress Admin Font Editor <=1.8 - Cross-Site Scripting
- POC CVE-2016-5649: NETGEAR DGN2200 / DGND3700 - Admin Password Disclosure
- POC CVE-2017-14524: OpenText Documentum Administrator 7.2.0180.0055 - Open Redirect