Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Remote Code Execution (RCE) vulnerability in super-xray via URL input
Vulnerability Description
super-xray is a vulnerability scanner (xray) GUI launcher. In version 0.1-beta, the URL is not filtered and directly spliced into the command, resulting in a possible RCE vulnerability. Users should upgrade to super-xray 0.2-beta.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H
Vulnerability Type
对生成代码的控制不恰当(代码注入)
Vulnerability Title
Super Xray 安全漏洞
Vulnerability Description
Super Xray是4ra1n个人开发者的一款优秀的漏洞扫描工具。 Super Xray 0.1-beta版本存在安全漏洞,该漏洞源于其URL没有被过滤并直接拼接,导致可能存在RCE漏洞。
CVSS Information
N/A
Vulnerability Type
N/A