Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2024-32651 PoC — ChangeDetection.io 安全漏洞

Source
https://github.com/projectdiscovery/nuclei-templates/blob/main/passive/cves/2024/CVE-2024-32651.yaml
Associated Vulnerability
Title:ChangeDetection.io 安全漏洞 (CVE-2024-32651)
Description:changedetection.io是dgtlmoon个人开发者的一个网站变更检测、监控和通知应用程序。 ChangeDetection.io 21.045之前版本存在安全漏洞,该漏洞源于使用 Jinja2 的不安全功能而导致服务器端模板注入,允许在服务器主机上执行远程命令。
Description
A Server Side Template Injection in changedetection.io caused by usage of unsafe functions of Jinja2 allows Remote Command Execution on the server host.
File Snapshot

 id: CVE-2024-32651

info:
  name: Change Detection - Server Side Template Injection
  author: edoard

...
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.