... Loading ...

SSD Secure Disclosure

Disclosing vulnerabilities responsibly since 2007

SSD Advisory – Mako Web-server Tutorials Multiple Unauthenticated Vulnerabilities

Vulnerabilities Summary The following advisory describe three (3) vulnerabilities found in Mako Server’s tutorial page. The vulnerabilities found are: Unauthenticated Arbitrary File Write vulnerability that leads to Remote Command Execution Unauthenticated File Disclosure Unauthenticated Server Side Request Forgery As these tutorial may be used as the basis for production code, it is important for users […]