CVEs-PoC/2020/CVE-2020-7788.md at b0e96c877abb080d7cf221c036336480ff266ccf

CalvinBackup/CVEs-PoC

Fork 0

mirror of https://github.com/0xMarcio/cve.git synced 2026-05-09 15:15:46 +02:00

Files

T

0xMarcio 48a00929ac Removed duplicates

2024-06-18 02:51:15 +02:00

Description

This affects the package ini before 1.3.6. If an attacker submits a malicious INI file to an application that parses it with ini.parse, they will pollute the prototype on the application. This can be exploited further depending on the context.

POC

Reference

https://snyk.io/vuln/SNYK-JS-INI-1048974

Github

https://github.com/ARPSyndicate/cvemon
https://github.com/Live-Hack-CVE/CVE-2020-7788
https://github.com/seal-community/patches

832 B Raw Blame History

CVE-2020-7788

Description

POC

Reference

Github

832 B

Raw Blame History