Security: 0xJacky/nginx-ui
Security
No security policy detected
This project has not set up a SECURITY.md file yet.
Report a vulnerability-
The json field can construct a directory traversal payload, causing arbitrary files to be writtenGHSA-prv4-rx44-f7jr published
Oct 21, 2024 by 0xJackyModerate -
The log path can be controlled, leading to arbitrary file reading.GHSA-gr34-jgw4-7j4m published
Oct 21, 2024 by 0xJackyModerate -
Unchecked logrotate settings lead to arbitrary command executionGHSA-66m6-27r9-77vm published
Oct 21, 2024 by 0xJackyHigh -
Authenticated RCE through injecting into the application config via CRLFGHSA-qcjq-7f7v-pvc8 published
Jan 28, 2024 by 0xJackyHigh -
Arbitrary file write through the Import Certificate featureGHSA-xvq9-4vpv-227m published
Jan 28, 2024 by 0xJackyHigh -
Authenticated (user role) SQL injection in `OrderAndPaginate` (GHSL-2023-270)GHSA-h374-mm57-879c published
Jan 11, 2024 by 0xJackyModerate -
Authenticated (user role) remote command execution by modifying `nginx` settings (GHSL-2023-269)GHSA-pxmr-q2x3-9x9m published
Jan 11, 2024 by 0xJackyHigh -
Authenticated (user role) arbitrary command execution by modifying `start_cmd` setting (GHSL-2023-268)GHSA-8r25-68wm-jw35 published
Jan 11, 2024 by 0xJackyHigh
Learn more about advisories related to 0xJacky/nginx-ui in the GitHub Advisory Database