漏洞描述
Kong API Gateway存在未授权访问漏洞,此漏洞是由于应用程序权限配置不当导致的。
Kong API Gateway 未授权访问漏洞 2
PoC代码
暂无相关漏洞推荐
-
konga-default-jwt-key: KONGA Arbitrary user login vulnerability POC
2025-09-01 | konga-default-jwt-keyThe default key of Konga JWT is oursecret, which can forge arbitrary user permissions FOFA: app=&quo... -
kongsoft-vgm-antivirus-wall-rce: 金山 VGM防毒墙 downFile.php 任意文件读取 POC
2025-09-01 | kongsoft vgm防毒墙金山 VGM防毒墙 downFile.php文件存在任意文件读取漏洞,攻击者通过漏洞可以获取服务器任意文件 "金山VGM" -
shikongzhiyou-erp-uploadstudiofile-fileupload: 时空智友ERP系统 uploadStudioFile 任意文件上传漏洞 POC
2025-09-01 | shikongzhiyou-erp时空智友ERP系统时空智友ERP系统updater.uploadStudioFile存在任意文件上传漏洞,攻击者可利用该漏洞上传恶意软件,获取对服务器的远程访问权限或者破坏系统。 FOFA:body="log... -
jindie-yunxingkong-dynamicformservice-rce: 金蝶云星空DynamicFormService.CloseForm.common.kdsvc远程代码执行漏洞 POC
2025-09-01 | 金蝶云星空DynamicFormServiceKingdee.BOS.ServiceFacade.ServicesStub.DynamicForm.DynamicFormService.CloseForm.common.kdsvc接口处存在远程代... -
SourceCodester Pet Grooming Management Software SQL注入漏洞 无POC
2025-09-22 00:22:31 | SourceCodester Pet Grooming Management SoftwareSourceCodester Pet Grooming Management Software是SourceCodester开源的一个宠物美容管理系统。 SourceCodester Pet Groo...