漏洞描述
【漏洞对象】Parse Dashboard 【漏洞描述】 ParseDashboard是一个独立的仪表板,用于管理您的Parse应用程序。可以使用它来管理Parse Server应用程序。ParseDashboard提供了认证功能,但如果未设置认证可直接访问所有功能。
Parse Dashboard-未授权访问
PoC代码
暂无相关漏洞推荐
- MCPHub Dashboard JWT硬编码身份认证绕过漏洞
- OpenSearch Dashboard为存在默认口令
- OpenSearch Dashboard存在未授权访问
- POC CVE-2018-18264: Kubernetes Dashboard <1.10.1 - Authentication Bypass
- POC CVE-2021-22053: Spring Cloud Netflix Hystrix Dashboard <2.2.10 - Remote Code Execution
- POC CVE-2021-3223: Node RED Dashboard <2.26.2 - Local File Inclusion
- POC CVE-2021-45232: Apache APISIX Dashboard <2.10.1 - API Unauthorized Access
- POC CVE-2022-38817: Dapr Dashboard 0.1.0-0.10.0 - Improper Access Control
- POC CVE-2023-7246: System Dashboard < 2.8.10 - Cross-Site Scripting
- POC CVE-2025-47423: Personal Weather Station Dashboard 12 - Directory Traversal
- POC CVE-2025-53364: Parse Server - GraphQL Schema Information Disclosure
- POC CVE-2021-3223: Node RED Dashboard - Directory Traversal
- POC kubernetes-dashboard-enabled: Kubernetes Dashboard for ACK Clusters - Enabled