Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
NEXULEAN API Key Leak
Vulnerability Description
NEXULEAN is a cybersecurity portfolio & service platform for an Ethical Hacker, AI Enthusiast, and Penetration Tester. Prior to 2.0.0, a security vulnerability was identified where Firebase and Web3Forms API keys were exposed. An attacker could use these keys to interact with backend services without authentication, potentially leading to unauthorized access to application resources and user data. This vulnerability is fixed in 2.0.0.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N
Vulnerability Type
访问控制不恰当
Vulnerability Title
NEXULEAN 信任管理问题漏洞
Vulnerability Description
NEXULEAN是Stalin个人开发者的一个网络安全专业人士的个人作品集与服务展示平台。 NEXULEAN 2.0.0之前版本存在信任管理问题漏洞,该漏洞源于Firebase和Web3Forms API密钥暴露,可能导致攻击者未经身份验证与后端服务交互,从而未经授权访问应用程序资源和用户数据。
CVSS Information
N/A
Vulnerability Type
N/A