cert

package

Versions in this module

v1
May 2, 2023 GO-2024-2462 +15 more
Alert  GO-2024-2462: Arbitrary command execution in github.com/0xJacky/Nginx-UI
Alert  GO-2024-2463: SQL injection in github.com/0xJacky/Nginx-UI
Alert  GO-2024-2464: Remote command execution in github.com/0xJacky/Nginx-UI
Alert  GO-2024-2480: Nginx-UI vulnerable to authenticated RCE through injecting into the application config via CRLF in github.com/0xJacky/Nginx-UI
Alert  GO-2024-2481: Nginx-UI vulnerable to arbitrary file write through the Import Certificate feature in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4614: Nginx-UI Vulnerable to Unauthenticated Backup Download with Encryption Key Disclosure in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4902: nginx-ui Vulnerable to DoS via Negative Integer Input in Logrotate Interval in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4903: nginx-ui Backup Restore Allows Tampering with Encrypted Backups in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4904: nginx-ui's Unauthenticated MCP Endpoint Allows Remote Nginx Takeover in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4906: nginx-ui has Race Condition that Leads to Persistent Data Corruption and Service Collapse in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4907: Nginx Configuration Directory Vulnerable to Recursive Deletion via Improper Path Validation in github.com/0xJacky/Nginx-UI
Alert  GO-2026-5210: Nginx-UI: Cross-Site WebSocket Hijacking (CSWSH) via missing origin validation on all WebSocket endpoints in github.com/0xJacky/Nginx-UI
Alert  GO-2026-5227: Nginx-UI: Authenticated settings disclosure exposes node.secret and enables trusted-node authentication abuse, backup exfiltration, and restore-based nginx-ui state rollback in github.com/0xJacky/Nginx-UI
Alert  GO-2026-5412: Nginx-UI: Unauthenticated First-Run Installer Allows Remote Initial Admin Claim in github.com/0xJacky/Nginx-UI
Alert  GO-2026-5719: Nginx-UI has Server-Side Request Forgery (SSRF) via Cluster Proxy Middleware that Allows Access to Internal Services in github.com/0xJacky/Nginx-UI
Alert  GO-2026-5733: Nginx-UI: Disabled users retain full API access through previously issued bearer tokens in github.com/0xJacky/Nginx-UI
May 1, 2023 GO-2024-2462 +15 more
Alert  GO-2024-2462: Arbitrary command execution in github.com/0xJacky/Nginx-UI
Alert  GO-2024-2463: SQL injection in github.com/0xJacky/Nginx-UI
Alert  GO-2024-2464: Remote command execution in github.com/0xJacky/Nginx-UI
Alert  GO-2024-2480: Nginx-UI vulnerable to authenticated RCE through injecting into the application config via CRLF in github.com/0xJacky/Nginx-UI
Alert  GO-2024-2481: Nginx-UI vulnerable to arbitrary file write through the Import Certificate feature in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4614: Nginx-UI Vulnerable to Unauthenticated Backup Download with Encryption Key Disclosure in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4902: nginx-ui Vulnerable to DoS via Negative Integer Input in Logrotate Interval in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4903: nginx-ui Backup Restore Allows Tampering with Encrypted Backups in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4904: nginx-ui's Unauthenticated MCP Endpoint Allows Remote Nginx Takeover in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4906: nginx-ui has Race Condition that Leads to Persistent Data Corruption and Service Collapse in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4907: Nginx Configuration Directory Vulnerable to Recursive Deletion via Improper Path Validation in github.com/0xJacky/Nginx-UI
Alert  GO-2026-5210: Nginx-UI: Cross-Site WebSocket Hijacking (CSWSH) via missing origin validation on all WebSocket endpoints in github.com/0xJacky/Nginx-UI
Alert  GO-2026-5227: Nginx-UI: Authenticated settings disclosure exposes node.secret and enables trusted-node authentication abuse, backup exfiltration, and restore-based nginx-ui state rollback in github.com/0xJacky/Nginx-UI
Alert  GO-2026-5412: Nginx-UI: Unauthenticated First-Run Installer Allows Remote Initial Admin Claim in github.com/0xJacky/Nginx-UI
Alert  GO-2026-5719: Nginx-UI has Server-Side Request Forgery (SSRF) via Cluster Proxy Middleware that Allows Access to Internal Services in github.com/0xJacky/Nginx-UI
Alert  GO-2026-5733: Nginx-UI: Disabled users retain full API access through previously issued bearer tokens in github.com/0xJacky/Nginx-UI
May 1, 2023 GO-2024-2462 +15 more
Alert  GO-2024-2462: Arbitrary command execution in github.com/0xJacky/Nginx-UI
Alert  GO-2024-2463: SQL injection in github.com/0xJacky/Nginx-UI
Alert  GO-2024-2464: Remote command execution in github.com/0xJacky/Nginx-UI
Alert  GO-2024-2480: Nginx-UI vulnerable to authenticated RCE through injecting into the application config via CRLF in github.com/0xJacky/Nginx-UI
Alert  GO-2024-2481: Nginx-UI vulnerable to arbitrary file write through the Import Certificate feature in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4614: Nginx-UI Vulnerable to Unauthenticated Backup Download with Encryption Key Disclosure in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4902: nginx-ui Vulnerable to DoS via Negative Integer Input in Logrotate Interval in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4903: nginx-ui Backup Restore Allows Tampering with Encrypted Backups in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4904: nginx-ui's Unauthenticated MCP Endpoint Allows Remote Nginx Takeover in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4906: nginx-ui has Race Condition that Leads to Persistent Data Corruption and Service Collapse in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4907: Nginx Configuration Directory Vulnerable to Recursive Deletion via Improper Path Validation in github.com/0xJacky/Nginx-UI
Alert  GO-2026-5210: Nginx-UI: Cross-Site WebSocket Hijacking (CSWSH) via missing origin validation on all WebSocket endpoints in github.com/0xJacky/Nginx-UI
Alert  GO-2026-5227: Nginx-UI: Authenticated settings disclosure exposes node.secret and enables trusted-node authentication abuse, backup exfiltration, and restore-based nginx-ui state rollback in github.com/0xJacky/Nginx-UI
Alert  GO-2026-5412: Nginx-UI: Unauthenticated First-Run Installer Allows Remote Initial Admin Claim in github.com/0xJacky/Nginx-UI
Alert  GO-2026-5719: Nginx-UI has Server-Side Request Forgery (SSRF) via Cluster Proxy Middleware that Allows Access to Internal Services in github.com/0xJacky/Nginx-UI
Alert  GO-2026-5733: Nginx-UI: Disabled users retain full API access through previously issued bearer tokens in github.com/0xJacky/Nginx-UI
Apr 23, 2023 GO-2024-2462 +15 more
Alert  GO-2024-2462: Arbitrary command execution in github.com/0xJacky/Nginx-UI
Alert  GO-2024-2463: SQL injection in github.com/0xJacky/Nginx-UI
Alert  GO-2024-2464: Remote command execution in github.com/0xJacky/Nginx-UI
Alert  GO-2024-2480: Nginx-UI vulnerable to authenticated RCE through injecting into the application config via CRLF in github.com/0xJacky/Nginx-UI
Alert  GO-2024-2481: Nginx-UI vulnerable to arbitrary file write through the Import Certificate feature in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4614: Nginx-UI Vulnerable to Unauthenticated Backup Download with Encryption Key Disclosure in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4902: nginx-ui Vulnerable to DoS via Negative Integer Input in Logrotate Interval in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4903: nginx-ui Backup Restore Allows Tampering with Encrypted Backups in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4904: nginx-ui's Unauthenticated MCP Endpoint Allows Remote Nginx Takeover in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4906: nginx-ui has Race Condition that Leads to Persistent Data Corruption and Service Collapse in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4907: Nginx Configuration Directory Vulnerable to Recursive Deletion via Improper Path Validation in github.com/0xJacky/Nginx-UI
Alert  GO-2026-5210: Nginx-UI: Cross-Site WebSocket Hijacking (CSWSH) via missing origin validation on all WebSocket endpoints in github.com/0xJacky/Nginx-UI
Alert  GO-2026-5227: Nginx-UI: Authenticated settings disclosure exposes node.secret and enables trusted-node authentication abuse, backup exfiltration, and restore-based nginx-ui state rollback in github.com/0xJacky/Nginx-UI
Alert  GO-2026-5412: Nginx-UI: Unauthenticated First-Run Installer Allows Remote Initial Admin Claim in github.com/0xJacky/Nginx-UI
Alert  GO-2026-5719: Nginx-UI has Server-Side Request Forgery (SSRF) via Cluster Proxy Middleware that Allows Access to Internal Services in github.com/0xJacky/Nginx-UI
Alert  GO-2026-5733: Nginx-UI: Disabled users retain full API access through previously issued bearer tokens in github.com/0xJacky/Nginx-UI
Apr 21, 2023 GO-2024-2462 +15 more
Alert  GO-2024-2462: Arbitrary command execution in github.com/0xJacky/Nginx-UI
Alert  GO-2024-2463: SQL injection in github.com/0xJacky/Nginx-UI
Alert  GO-2024-2464: Remote command execution in github.com/0xJacky/Nginx-UI
Alert  GO-2024-2480: Nginx-UI vulnerable to authenticated RCE through injecting into the application config via CRLF in github.com/0xJacky/Nginx-UI
Alert  GO-2024-2481: Nginx-UI vulnerable to arbitrary file write through the Import Certificate feature in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4614: Nginx-UI Vulnerable to Unauthenticated Backup Download with Encryption Key Disclosure in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4902: nginx-ui Vulnerable to DoS via Negative Integer Input in Logrotate Interval in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4903: nginx-ui Backup Restore Allows Tampering with Encrypted Backups in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4904: nginx-ui's Unauthenticated MCP Endpoint Allows Remote Nginx Takeover in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4906: nginx-ui has Race Condition that Leads to Persistent Data Corruption and Service Collapse in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4907: Nginx Configuration Directory Vulnerable to Recursive Deletion via Improper Path Validation in github.com/0xJacky/Nginx-UI
Alert  GO-2026-5210: Nginx-UI: Cross-Site WebSocket Hijacking (CSWSH) via missing origin validation on all WebSocket endpoints in github.com/0xJacky/Nginx-UI
Alert  GO-2026-5227: Nginx-UI: Authenticated settings disclosure exposes node.secret and enables trusted-node authentication abuse, backup exfiltration, and restore-based nginx-ui state rollback in github.com/0xJacky/Nginx-UI
Alert  GO-2026-5412: Nginx-UI: Unauthenticated First-Run Installer Allows Remote Initial Admin Claim in github.com/0xJacky/Nginx-UI
Alert  GO-2026-5719: Nginx-UI has Server-Side Request Forgery (SSRF) via Cluster Proxy Middleware that Allows Access to Internal Services in github.com/0xJacky/Nginx-UI
Alert  GO-2026-5733: Nginx-UI: Disabled users retain full API access through previously issued bearer tokens in github.com/0xJacky/Nginx-UI
Apr 21, 2023 GO-2024-2462 +15 more
Alert  GO-2024-2462: Arbitrary command execution in github.com/0xJacky/Nginx-UI
Alert  GO-2024-2463: SQL injection in github.com/0xJacky/Nginx-UI
Alert  GO-2024-2464: Remote command execution in github.com/0xJacky/Nginx-UI
Alert  GO-2024-2480: Nginx-UI vulnerable to authenticated RCE through injecting into the application config via CRLF in github.com/0xJacky/Nginx-UI
Alert  GO-2024-2481: Nginx-UI vulnerable to arbitrary file write through the Import Certificate feature in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4614: Nginx-UI Vulnerable to Unauthenticated Backup Download with Encryption Key Disclosure in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4902: nginx-ui Vulnerable to DoS via Negative Integer Input in Logrotate Interval in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4903: nginx-ui Backup Restore Allows Tampering with Encrypted Backups in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4904: nginx-ui's Unauthenticated MCP Endpoint Allows Remote Nginx Takeover in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4906: nginx-ui has Race Condition that Leads to Persistent Data Corruption and Service Collapse in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4907: Nginx Configuration Directory Vulnerable to Recursive Deletion via Improper Path Validation in github.com/0xJacky/Nginx-UI
Alert  GO-2026-5210: Nginx-UI: Cross-Site WebSocket Hijacking (CSWSH) via missing origin validation on all WebSocket endpoints in github.com/0xJacky/Nginx-UI
Alert  GO-2026-5227: Nginx-UI: Authenticated settings disclosure exposes node.secret and enables trusted-node authentication abuse, backup exfiltration, and restore-based nginx-ui state rollback in github.com/0xJacky/Nginx-UI
Alert  GO-2026-5412: Nginx-UI: Unauthenticated First-Run Installer Allows Remote Initial Admin Claim in github.com/0xJacky/Nginx-UI
Alert  GO-2026-5719: Nginx-UI has Server-Side Request Forgery (SSRF) via Cluster Proxy Middleware that Allows Access to Internal Services in github.com/0xJacky/Nginx-UI
Alert  GO-2026-5733: Nginx-UI: Disabled users retain full API access through previously issued bearer tokens in github.com/0xJacky/Nginx-UI
Apr 17, 2023 GO-2024-2462 +15 more
Alert  GO-2024-2462: Arbitrary command execution in github.com/0xJacky/Nginx-UI
Alert  GO-2024-2463: SQL injection in github.com/0xJacky/Nginx-UI
Alert  GO-2024-2464: Remote command execution in github.com/0xJacky/Nginx-UI
Alert  GO-2024-2480: Nginx-UI vulnerable to authenticated RCE through injecting into the application config via CRLF in github.com/0xJacky/Nginx-UI
Alert  GO-2024-2481: Nginx-UI vulnerable to arbitrary file write through the Import Certificate feature in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4614: Nginx-UI Vulnerable to Unauthenticated Backup Download with Encryption Key Disclosure in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4902: nginx-ui Vulnerable to DoS via Negative Integer Input in Logrotate Interval in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4903: nginx-ui Backup Restore Allows Tampering with Encrypted Backups in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4904: nginx-ui's Unauthenticated MCP Endpoint Allows Remote Nginx Takeover in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4906: nginx-ui has Race Condition that Leads to Persistent Data Corruption and Service Collapse in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4907: Nginx Configuration Directory Vulnerable to Recursive Deletion via Improper Path Validation in github.com/0xJacky/Nginx-UI
Alert  GO-2026-5210: Nginx-UI: Cross-Site WebSocket Hijacking (CSWSH) via missing origin validation on all WebSocket endpoints in github.com/0xJacky/Nginx-UI
Alert  GO-2026-5227: Nginx-UI: Authenticated settings disclosure exposes node.secret and enables trusted-node authentication abuse, backup exfiltration, and restore-based nginx-ui state rollback in github.com/0xJacky/Nginx-UI
Alert  GO-2026-5412: Nginx-UI: Unauthenticated First-Run Installer Allows Remote Initial Admin Claim in github.com/0xJacky/Nginx-UI
Alert  GO-2026-5719: Nginx-UI has Server-Side Request Forgery (SSRF) via Cluster Proxy Middleware that Allows Access to Internal Services in github.com/0xJacky/Nginx-UI
Alert  GO-2026-5733: Nginx-UI: Disabled users retain full API access through previously issued bearer tokens in github.com/0xJacky/Nginx-UI
Apr 4, 2023 GO-2024-2462 +15 more
Alert  GO-2024-2462: Arbitrary command execution in github.com/0xJacky/Nginx-UI
Alert  GO-2024-2463: SQL injection in github.com/0xJacky/Nginx-UI
Alert  GO-2024-2464: Remote command execution in github.com/0xJacky/Nginx-UI
Alert  GO-2024-2480: Nginx-UI vulnerable to authenticated RCE through injecting into the application config via CRLF in github.com/0xJacky/Nginx-UI
Alert  GO-2024-2481: Nginx-UI vulnerable to arbitrary file write through the Import Certificate feature in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4614: Nginx-UI Vulnerable to Unauthenticated Backup Download with Encryption Key Disclosure in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4902: nginx-ui Vulnerable to DoS via Negative Integer Input in Logrotate Interval in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4903: nginx-ui Backup Restore Allows Tampering with Encrypted Backups in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4904: nginx-ui's Unauthenticated MCP Endpoint Allows Remote Nginx Takeover in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4906: nginx-ui has Race Condition that Leads to Persistent Data Corruption and Service Collapse in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4907: Nginx Configuration Directory Vulnerable to Recursive Deletion via Improper Path Validation in github.com/0xJacky/Nginx-UI
Alert  GO-2026-5210: Nginx-UI: Cross-Site WebSocket Hijacking (CSWSH) via missing origin validation on all WebSocket endpoints in github.com/0xJacky/Nginx-UI
Alert  GO-2026-5227: Nginx-UI: Authenticated settings disclosure exposes node.secret and enables trusted-node authentication abuse, backup exfiltration, and restore-based nginx-ui state rollback in github.com/0xJacky/Nginx-UI
Alert  GO-2026-5412: Nginx-UI: Unauthenticated First-Run Installer Allows Remote Initial Admin Claim in github.com/0xJacky/Nginx-UI
Alert  GO-2026-5719: Nginx-UI has Server-Side Request Forgery (SSRF) via Cluster Proxy Middleware that Allows Access to Internal Services in github.com/0xJacky/Nginx-UI
Alert  GO-2026-5733: Nginx-UI: Disabled users retain full API access through previously issued bearer tokens in github.com/0xJacky/Nginx-UI
Mar 22, 2023 GO-2024-2462 +15 more
Alert  GO-2024-2462: Arbitrary command execution in github.com/0xJacky/Nginx-UI
Alert  GO-2024-2463: SQL injection in github.com/0xJacky/Nginx-UI
Alert  GO-2024-2464: Remote command execution in github.com/0xJacky/Nginx-UI
Alert  GO-2024-2480: Nginx-UI vulnerable to authenticated RCE through injecting into the application config via CRLF in github.com/0xJacky/Nginx-UI
Alert  GO-2024-2481: Nginx-UI vulnerable to arbitrary file write through the Import Certificate feature in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4614: Nginx-UI Vulnerable to Unauthenticated Backup Download with Encryption Key Disclosure in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4902: nginx-ui Vulnerable to DoS via Negative Integer Input in Logrotate Interval in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4903: nginx-ui Backup Restore Allows Tampering with Encrypted Backups in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4904: nginx-ui's Unauthenticated MCP Endpoint Allows Remote Nginx Takeover in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4906: nginx-ui has Race Condition that Leads to Persistent Data Corruption and Service Collapse in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4907: Nginx Configuration Directory Vulnerable to Recursive Deletion via Improper Path Validation in github.com/0xJacky/Nginx-UI
Alert  GO-2026-5210: Nginx-UI: Cross-Site WebSocket Hijacking (CSWSH) via missing origin validation on all WebSocket endpoints in github.com/0xJacky/Nginx-UI
Alert  GO-2026-5227: Nginx-UI: Authenticated settings disclosure exposes node.secret and enables trusted-node authentication abuse, backup exfiltration, and restore-based nginx-ui state rollback in github.com/0xJacky/Nginx-UI
Alert  GO-2026-5412: Nginx-UI: Unauthenticated First-Run Installer Allows Remote Initial Admin Claim in github.com/0xJacky/Nginx-UI
Alert  GO-2026-5719: Nginx-UI has Server-Side Request Forgery (SSRF) via Cluster Proxy Middleware that Allows Access to Internal Services in github.com/0xJacky/Nginx-UI
Alert  GO-2026-5733: Nginx-UI: Disabled users retain full API access through previously issued bearer tokens in github.com/0xJacky/Nginx-UI
Mar 13, 2023 GO-2024-2462 +15 more
Alert  GO-2024-2462: Arbitrary command execution in github.com/0xJacky/Nginx-UI
Alert  GO-2024-2463: SQL injection in github.com/0xJacky/Nginx-UI
Alert  GO-2024-2464: Remote command execution in github.com/0xJacky/Nginx-UI
Alert  GO-2024-2480: Nginx-UI vulnerable to authenticated RCE through injecting into the application config via CRLF in github.com/0xJacky/Nginx-UI
Alert  GO-2024-2481: Nginx-UI vulnerable to arbitrary file write through the Import Certificate feature in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4614: Nginx-UI Vulnerable to Unauthenticated Backup Download with Encryption Key Disclosure in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4902: nginx-ui Vulnerable to DoS via Negative Integer Input in Logrotate Interval in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4903: nginx-ui Backup Restore Allows Tampering with Encrypted Backups in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4904: nginx-ui's Unauthenticated MCP Endpoint Allows Remote Nginx Takeover in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4906: nginx-ui has Race Condition that Leads to Persistent Data Corruption and Service Collapse in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4907: Nginx Configuration Directory Vulnerable to Recursive Deletion via Improper Path Validation in github.com/0xJacky/Nginx-UI
Alert  GO-2026-5210: Nginx-UI: Cross-Site WebSocket Hijacking (CSWSH) via missing origin validation on all WebSocket endpoints in github.com/0xJacky/Nginx-UI
Alert  GO-2026-5227: Nginx-UI: Authenticated settings disclosure exposes node.secret and enables trusted-node authentication abuse, backup exfiltration, and restore-based nginx-ui state rollback in github.com/0xJacky/Nginx-UI
Alert  GO-2026-5412: Nginx-UI: Unauthenticated First-Run Installer Allows Remote Initial Admin Claim in github.com/0xJacky/Nginx-UI
Alert  GO-2026-5719: Nginx-UI has Server-Side Request Forgery (SSRF) via Cluster Proxy Middleware that Allows Access to Internal Services in github.com/0xJacky/Nginx-UI
Alert  GO-2026-5733: Nginx-UI: Disabled users retain full API access through previously issued bearer tokens in github.com/0xJacky/Nginx-UI
Feb 15, 2023 GO-2024-2462 +15 more
Alert  GO-2024-2462: Arbitrary command execution in github.com/0xJacky/Nginx-UI
Alert  GO-2024-2463: SQL injection in github.com/0xJacky/Nginx-UI
Alert  GO-2024-2464: Remote command execution in github.com/0xJacky/Nginx-UI
Alert  GO-2024-2480: Nginx-UI vulnerable to authenticated RCE through injecting into the application config via CRLF in github.com/0xJacky/Nginx-UI
Alert  GO-2024-2481: Nginx-UI vulnerable to arbitrary file write through the Import Certificate feature in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4614: Nginx-UI Vulnerable to Unauthenticated Backup Download with Encryption Key Disclosure in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4902: nginx-ui Vulnerable to DoS via Negative Integer Input in Logrotate Interval in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4903: nginx-ui Backup Restore Allows Tampering with Encrypted Backups in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4904: nginx-ui's Unauthenticated MCP Endpoint Allows Remote Nginx Takeover in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4906: nginx-ui has Race Condition that Leads to Persistent Data Corruption and Service Collapse in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4907: Nginx Configuration Directory Vulnerable to Recursive Deletion via Improper Path Validation in github.com/0xJacky/Nginx-UI
Alert  GO-2026-5210: Nginx-UI: Cross-Site WebSocket Hijacking (CSWSH) via missing origin validation on all WebSocket endpoints in github.com/0xJacky/Nginx-UI
Alert  GO-2026-5227: Nginx-UI: Authenticated settings disclosure exposes node.secret and enables trusted-node authentication abuse, backup exfiltration, and restore-based nginx-ui state rollback in github.com/0xJacky/Nginx-UI
Alert  GO-2026-5412: Nginx-UI: Unauthenticated First-Run Installer Allows Remote Initial Admin Claim in github.com/0xJacky/Nginx-UI
Alert  GO-2026-5719: Nginx-UI has Server-Side Request Forgery (SSRF) via Cluster Proxy Middleware that Allows Access to Internal Services in github.com/0xJacky/Nginx-UI
Alert  GO-2026-5733: Nginx-UI: Disabled users retain full API access through previously issued bearer tokens in github.com/0xJacky/Nginx-UI
Feb 4, 2023 GO-2024-2462 +15 more
Alert  GO-2024-2462: Arbitrary command execution in github.com/0xJacky/Nginx-UI
Alert  GO-2024-2463: SQL injection in github.com/0xJacky/Nginx-UI
Alert  GO-2024-2464: Remote command execution in github.com/0xJacky/Nginx-UI
Alert  GO-2024-2480: Nginx-UI vulnerable to authenticated RCE through injecting into the application config via CRLF in github.com/0xJacky/Nginx-UI
Alert  GO-2024-2481: Nginx-UI vulnerable to arbitrary file write through the Import Certificate feature in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4614: Nginx-UI Vulnerable to Unauthenticated Backup Download with Encryption Key Disclosure in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4902: nginx-ui Vulnerable to DoS via Negative Integer Input in Logrotate Interval in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4903: nginx-ui Backup Restore Allows Tampering with Encrypted Backups in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4904: nginx-ui's Unauthenticated MCP Endpoint Allows Remote Nginx Takeover in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4906: nginx-ui has Race Condition that Leads to Persistent Data Corruption and Service Collapse in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4907: Nginx Configuration Directory Vulnerable to Recursive Deletion via Improper Path Validation in github.com/0xJacky/Nginx-UI
Alert  GO-2026-5210: Nginx-UI: Cross-Site WebSocket Hijacking (CSWSH) via missing origin validation on all WebSocket endpoints in github.com/0xJacky/Nginx-UI
Alert  GO-2026-5227: Nginx-UI: Authenticated settings disclosure exposes node.secret and enables trusted-node authentication abuse, backup exfiltration, and restore-based nginx-ui state rollback in github.com/0xJacky/Nginx-UI
Alert  GO-2026-5412: Nginx-UI: Unauthenticated First-Run Installer Allows Remote Initial Admin Claim in github.com/0xJacky/Nginx-UI
Alert  GO-2026-5719: Nginx-UI has Server-Side Request Forgery (SSRF) via Cluster Proxy Middleware that Allows Access to Internal Services in github.com/0xJacky/Nginx-UI
Alert  GO-2026-5733: Nginx-UI: Disabled users retain full API access through previously issued bearer tokens in github.com/0xJacky/Nginx-UI
Jan 31, 2023 GO-2024-2462 +15 more
Alert  GO-2024-2462: Arbitrary command execution in github.com/0xJacky/Nginx-UI
Alert  GO-2024-2463: SQL injection in github.com/0xJacky/Nginx-UI
Alert  GO-2024-2464: Remote command execution in github.com/0xJacky/Nginx-UI
Alert  GO-2024-2480: Nginx-UI vulnerable to authenticated RCE through injecting into the application config via CRLF in github.com/0xJacky/Nginx-UI
Alert  GO-2024-2481: Nginx-UI vulnerable to arbitrary file write through the Import Certificate feature in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4614: Nginx-UI Vulnerable to Unauthenticated Backup Download with Encryption Key Disclosure in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4902: nginx-ui Vulnerable to DoS via Negative Integer Input in Logrotate Interval in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4903: nginx-ui Backup Restore Allows Tampering with Encrypted Backups in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4904: nginx-ui's Unauthenticated MCP Endpoint Allows Remote Nginx Takeover in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4906: nginx-ui has Race Condition that Leads to Persistent Data Corruption and Service Collapse in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4907: Nginx Configuration Directory Vulnerable to Recursive Deletion via Improper Path Validation in github.com/0xJacky/Nginx-UI
Alert  GO-2026-5210: Nginx-UI: Cross-Site WebSocket Hijacking (CSWSH) via missing origin validation on all WebSocket endpoints in github.com/0xJacky/Nginx-UI
Alert  GO-2026-5227: Nginx-UI: Authenticated settings disclosure exposes node.secret and enables trusted-node authentication abuse, backup exfiltration, and restore-based nginx-ui state rollback in github.com/0xJacky/Nginx-UI
Alert  GO-2026-5412: Nginx-UI: Unauthenticated First-Run Installer Allows Remote Initial Admin Claim in github.com/0xJacky/Nginx-UI
Alert  GO-2026-5719: Nginx-UI has Server-Side Request Forgery (SSRF) via Cluster Proxy Middleware that Allows Access to Internal Services in github.com/0xJacky/Nginx-UI
Alert  GO-2026-5733: Nginx-UI: Disabled users retain full API access through previously issued bearer tokens in github.com/0xJacky/Nginx-UI
Jan 28, 2023 GO-2024-2462 +15 more
Alert  GO-2024-2462: Arbitrary command execution in github.com/0xJacky/Nginx-UI
Alert  GO-2024-2463: SQL injection in github.com/0xJacky/Nginx-UI
Alert  GO-2024-2464: Remote command execution in github.com/0xJacky/Nginx-UI
Alert  GO-2024-2480: Nginx-UI vulnerable to authenticated RCE through injecting into the application config via CRLF in github.com/0xJacky/Nginx-UI
Alert  GO-2024-2481: Nginx-UI vulnerable to arbitrary file write through the Import Certificate feature in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4614: Nginx-UI Vulnerable to Unauthenticated Backup Download with Encryption Key Disclosure in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4902: nginx-ui Vulnerable to DoS via Negative Integer Input in Logrotate Interval in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4903: nginx-ui Backup Restore Allows Tampering with Encrypted Backups in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4904: nginx-ui's Unauthenticated MCP Endpoint Allows Remote Nginx Takeover in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4906: nginx-ui has Race Condition that Leads to Persistent Data Corruption and Service Collapse in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4907: Nginx Configuration Directory Vulnerable to Recursive Deletion via Improper Path Validation in github.com/0xJacky/Nginx-UI
Alert  GO-2026-5210: Nginx-UI: Cross-Site WebSocket Hijacking (CSWSH) via missing origin validation on all WebSocket endpoints in github.com/0xJacky/Nginx-UI
Alert  GO-2026-5227: Nginx-UI: Authenticated settings disclosure exposes node.secret and enables trusted-node authentication abuse, backup exfiltration, and restore-based nginx-ui state rollback in github.com/0xJacky/Nginx-UI
Alert  GO-2026-5412: Nginx-UI: Unauthenticated First-Run Installer Allows Remote Initial Admin Claim in github.com/0xJacky/Nginx-UI
Alert  GO-2026-5719: Nginx-UI has Server-Side Request Forgery (SSRF) via Cluster Proxy Middleware that Allows Access to Internal Services in github.com/0xJacky/Nginx-UI
Alert  GO-2026-5733: Nginx-UI: Disabled users retain full API access through previously issued bearer tokens in github.com/0xJacky/Nginx-UI
Jan 11, 2023 GO-2024-2462 +15 more
Alert  GO-2024-2462: Arbitrary command execution in github.com/0xJacky/Nginx-UI
Alert  GO-2024-2463: SQL injection in github.com/0xJacky/Nginx-UI
Alert  GO-2024-2464: Remote command execution in github.com/0xJacky/Nginx-UI
Alert  GO-2024-2480: Nginx-UI vulnerable to authenticated RCE through injecting into the application config via CRLF in github.com/0xJacky/Nginx-UI
Alert  GO-2024-2481: Nginx-UI vulnerable to arbitrary file write through the Import Certificate feature in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4614: Nginx-UI Vulnerable to Unauthenticated Backup Download with Encryption Key Disclosure in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4902: nginx-ui Vulnerable to DoS via Negative Integer Input in Logrotate Interval in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4903: nginx-ui Backup Restore Allows Tampering with Encrypted Backups in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4904: nginx-ui's Unauthenticated MCP Endpoint Allows Remote Nginx Takeover in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4906: nginx-ui has Race Condition that Leads to Persistent Data Corruption and Service Collapse in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4907: Nginx Configuration Directory Vulnerable to Recursive Deletion via Improper Path Validation in github.com/0xJacky/Nginx-UI
Alert  GO-2026-5210: Nginx-UI: Cross-Site WebSocket Hijacking (CSWSH) via missing origin validation on all WebSocket endpoints in github.com/0xJacky/Nginx-UI
Alert  GO-2026-5227: Nginx-UI: Authenticated settings disclosure exposes node.secret and enables trusted-node authentication abuse, backup exfiltration, and restore-based nginx-ui state rollback in github.com/0xJacky/Nginx-UI
Alert  GO-2026-5412: Nginx-UI: Unauthenticated First-Run Installer Allows Remote Initial Admin Claim in github.com/0xJacky/Nginx-UI
Alert  GO-2026-5719: Nginx-UI has Server-Side Request Forgery (SSRF) via Cluster Proxy Middleware that Allows Access to Internal Services in github.com/0xJacky/Nginx-UI
Alert  GO-2026-5733: Nginx-UI: Disabled users retain full API access through previously issued bearer tokens in github.com/0xJacky/Nginx-UI
Jan 7, 2023 GO-2024-2462 +15 more
Alert  GO-2024-2462: Arbitrary command execution in github.com/0xJacky/Nginx-UI
Alert  GO-2024-2463: SQL injection in github.com/0xJacky/Nginx-UI
Alert  GO-2024-2464: Remote command execution in github.com/0xJacky/Nginx-UI
Alert  GO-2024-2480: Nginx-UI vulnerable to authenticated RCE through injecting into the application config via CRLF in github.com/0xJacky/Nginx-UI
Alert  GO-2024-2481: Nginx-UI vulnerable to arbitrary file write through the Import Certificate feature in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4614: Nginx-UI Vulnerable to Unauthenticated Backup Download with Encryption Key Disclosure in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4902: nginx-ui Vulnerable to DoS via Negative Integer Input in Logrotate Interval in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4903: nginx-ui Backup Restore Allows Tampering with Encrypted Backups in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4904: nginx-ui's Unauthenticated MCP Endpoint Allows Remote Nginx Takeover in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4906: nginx-ui has Race Condition that Leads to Persistent Data Corruption and Service Collapse in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4907: Nginx Configuration Directory Vulnerable to Recursive Deletion via Improper Path Validation in github.com/0xJacky/Nginx-UI
Alert  GO-2026-5210: Nginx-UI: Cross-Site WebSocket Hijacking (CSWSH) via missing origin validation on all WebSocket endpoints in github.com/0xJacky/Nginx-UI
Alert  GO-2026-5227: Nginx-UI: Authenticated settings disclosure exposes node.secret and enables trusted-node authentication abuse, backup exfiltration, and restore-based nginx-ui state rollback in github.com/0xJacky/Nginx-UI
Alert  GO-2026-5412: Nginx-UI: Unauthenticated First-Run Installer Allows Remote Initial Admin Claim in github.com/0xJacky/Nginx-UI
Alert  GO-2026-5719: Nginx-UI has Server-Side Request Forgery (SSRF) via Cluster Proxy Middleware that Allows Access to Internal Services in github.com/0xJacky/Nginx-UI
Alert  GO-2026-5733: Nginx-UI: Disabled users retain full API access through previously issued bearer tokens in github.com/0xJacky/Nginx-UI
Jan 5, 2023 GO-2024-2462 +15 more
Alert  GO-2024-2462: Arbitrary command execution in github.com/0xJacky/Nginx-UI
Alert  GO-2024-2463: SQL injection in github.com/0xJacky/Nginx-UI
Alert  GO-2024-2464: Remote command execution in github.com/0xJacky/Nginx-UI
Alert  GO-2024-2480: Nginx-UI vulnerable to authenticated RCE through injecting into the application config via CRLF in github.com/0xJacky/Nginx-UI
Alert  GO-2024-2481: Nginx-UI vulnerable to arbitrary file write through the Import Certificate feature in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4614: Nginx-UI Vulnerable to Unauthenticated Backup Download with Encryption Key Disclosure in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4902: nginx-ui Vulnerable to DoS via Negative Integer Input in Logrotate Interval in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4903: nginx-ui Backup Restore Allows Tampering with Encrypted Backups in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4904: nginx-ui's Unauthenticated MCP Endpoint Allows Remote Nginx Takeover in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4906: nginx-ui has Race Condition that Leads to Persistent Data Corruption and Service Collapse in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4907: Nginx Configuration Directory Vulnerable to Recursive Deletion via Improper Path Validation in github.com/0xJacky/Nginx-UI
Alert  GO-2026-5210: Nginx-UI: Cross-Site WebSocket Hijacking (CSWSH) via missing origin validation on all WebSocket endpoints in github.com/0xJacky/Nginx-UI
Alert  GO-2026-5227: Nginx-UI: Authenticated settings disclosure exposes node.secret and enables trusted-node authentication abuse, backup exfiltration, and restore-based nginx-ui state rollback in github.com/0xJacky/Nginx-UI
Alert  GO-2026-5412: Nginx-UI: Unauthenticated First-Run Installer Allows Remote Initial Admin Claim in github.com/0xJacky/Nginx-UI
Alert  GO-2026-5719: Nginx-UI has Server-Side Request Forgery (SSRF) via Cluster Proxy Middleware that Allows Access to Internal Services in github.com/0xJacky/Nginx-UI
Alert  GO-2026-5733: Nginx-UI: Disabled users retain full API access through previously issued bearer tokens in github.com/0xJacky/Nginx-UI
Jan 5, 2023 GO-2024-2462 +15 more
Alert  GO-2024-2462: Arbitrary command execution in github.com/0xJacky/Nginx-UI
Alert  GO-2024-2463: SQL injection in github.com/0xJacky/Nginx-UI
Alert  GO-2024-2464: Remote command execution in github.com/0xJacky/Nginx-UI
Alert  GO-2024-2480: Nginx-UI vulnerable to authenticated RCE through injecting into the application config via CRLF in github.com/0xJacky/Nginx-UI
Alert  GO-2024-2481: Nginx-UI vulnerable to arbitrary file write through the Import Certificate feature in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4614: Nginx-UI Vulnerable to Unauthenticated Backup Download with Encryption Key Disclosure in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4902: nginx-ui Vulnerable to DoS via Negative Integer Input in Logrotate Interval in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4903: nginx-ui Backup Restore Allows Tampering with Encrypted Backups in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4904: nginx-ui's Unauthenticated MCP Endpoint Allows Remote Nginx Takeover in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4906: nginx-ui has Race Condition that Leads to Persistent Data Corruption and Service Collapse in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4907: Nginx Configuration Directory Vulnerable to Recursive Deletion via Improper Path Validation in github.com/0xJacky/Nginx-UI
Alert  GO-2026-5210: Nginx-UI: Cross-Site WebSocket Hijacking (CSWSH) via missing origin validation on all WebSocket endpoints in github.com/0xJacky/Nginx-UI
Alert  GO-2026-5227: Nginx-UI: Authenticated settings disclosure exposes node.secret and enables trusted-node authentication abuse, backup exfiltration, and restore-based nginx-ui state rollback in github.com/0xJacky/Nginx-UI
Alert  GO-2026-5412: Nginx-UI: Unauthenticated First-Run Installer Allows Remote Initial Admin Claim in github.com/0xJacky/Nginx-UI
Alert  GO-2026-5719: Nginx-UI has Server-Side Request Forgery (SSRF) via Cluster Proxy Middleware that Allows Access to Internal Services in github.com/0xJacky/Nginx-UI
Alert  GO-2026-5733: Nginx-UI: Disabled users retain full API access through previously issued bearer tokens in github.com/0xJacky/Nginx-UI
Dec 4, 2022 GO-2024-2462 +15 more
Alert  GO-2024-2462: Arbitrary command execution in github.com/0xJacky/Nginx-UI
Alert  GO-2024-2463: SQL injection in github.com/0xJacky/Nginx-UI
Alert  GO-2024-2464: Remote command execution in github.com/0xJacky/Nginx-UI
Alert  GO-2024-2480: Nginx-UI vulnerable to authenticated RCE through injecting into the application config via CRLF in github.com/0xJacky/Nginx-UI
Alert  GO-2024-2481: Nginx-UI vulnerable to arbitrary file write through the Import Certificate feature in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4614: Nginx-UI Vulnerable to Unauthenticated Backup Download with Encryption Key Disclosure in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4902: nginx-ui Vulnerable to DoS via Negative Integer Input in Logrotate Interval in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4903: nginx-ui Backup Restore Allows Tampering with Encrypted Backups in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4904: nginx-ui's Unauthenticated MCP Endpoint Allows Remote Nginx Takeover in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4906: nginx-ui has Race Condition that Leads to Persistent Data Corruption and Service Collapse in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4907: Nginx Configuration Directory Vulnerable to Recursive Deletion via Improper Path Validation in github.com/0xJacky/Nginx-UI
Alert  GO-2026-5210: Nginx-UI: Cross-Site WebSocket Hijacking (CSWSH) via missing origin validation on all WebSocket endpoints in github.com/0xJacky/Nginx-UI
Alert  GO-2026-5227: Nginx-UI: Authenticated settings disclosure exposes node.secret and enables trusted-node authentication abuse, backup exfiltration, and restore-based nginx-ui state rollback in github.com/0xJacky/Nginx-UI
Alert  GO-2026-5412: Nginx-UI: Unauthenticated First-Run Installer Allows Remote Initial Admin Claim in github.com/0xJacky/Nginx-UI
Alert  GO-2026-5719: Nginx-UI has Server-Side Request Forgery (SSRF) via Cluster Proxy Middleware that Allows Access to Internal Services in github.com/0xJacky/Nginx-UI
Alert  GO-2026-5733: Nginx-UI: Disabled users retain full API access through previously issued bearer tokens in github.com/0xJacky/Nginx-UI
Nov 28, 2022 GO-2024-2462 +15 more
Alert  GO-2024-2462: Arbitrary command execution in github.com/0xJacky/Nginx-UI
Alert  GO-2024-2463: SQL injection in github.com/0xJacky/Nginx-UI
Alert  GO-2024-2464: Remote command execution in github.com/0xJacky/Nginx-UI
Alert  GO-2024-2480: Nginx-UI vulnerable to authenticated RCE through injecting into the application config via CRLF in github.com/0xJacky/Nginx-UI
Alert  GO-2024-2481: Nginx-UI vulnerable to arbitrary file write through the Import Certificate feature in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4614: Nginx-UI Vulnerable to Unauthenticated Backup Download with Encryption Key Disclosure in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4902: nginx-ui Vulnerable to DoS via Negative Integer Input in Logrotate Interval in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4903: nginx-ui Backup Restore Allows Tampering with Encrypted Backups in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4904: nginx-ui's Unauthenticated MCP Endpoint Allows Remote Nginx Takeover in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4906: nginx-ui has Race Condition that Leads to Persistent Data Corruption and Service Collapse in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4907: Nginx Configuration Directory Vulnerable to Recursive Deletion via Improper Path Validation in github.com/0xJacky/Nginx-UI
Alert  GO-2026-5210: Nginx-UI: Cross-Site WebSocket Hijacking (CSWSH) via missing origin validation on all WebSocket endpoints in github.com/0xJacky/Nginx-UI
Alert  GO-2026-5227: Nginx-UI: Authenticated settings disclosure exposes node.secret and enables trusted-node authentication abuse, backup exfiltration, and restore-based nginx-ui state rollback in github.com/0xJacky/Nginx-UI
Alert  GO-2026-5412: Nginx-UI: Unauthenticated First-Run Installer Allows Remote Initial Admin Claim in github.com/0xJacky/Nginx-UI
Alert  GO-2026-5719: Nginx-UI has Server-Side Request Forgery (SSRF) via Cluster Proxy Middleware that Allows Access to Internal Services in github.com/0xJacky/Nginx-UI
Alert  GO-2026-5733: Nginx-UI: Disabled users retain full API access through previously issued bearer tokens in github.com/0xJacky/Nginx-UI
Nov 12, 2022 GO-2024-2462 +15 more
Alert  GO-2024-2462: Arbitrary command execution in github.com/0xJacky/Nginx-UI
Alert  GO-2024-2463: SQL injection in github.com/0xJacky/Nginx-UI
Alert  GO-2024-2464: Remote command execution in github.com/0xJacky/Nginx-UI
Alert  GO-2024-2480: Nginx-UI vulnerable to authenticated RCE through injecting into the application config via CRLF in github.com/0xJacky/Nginx-UI
Alert  GO-2024-2481: Nginx-UI vulnerable to arbitrary file write through the Import Certificate feature in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4614: Nginx-UI Vulnerable to Unauthenticated Backup Download with Encryption Key Disclosure in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4902: nginx-ui Vulnerable to DoS via Negative Integer Input in Logrotate Interval in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4903: nginx-ui Backup Restore Allows Tampering with Encrypted Backups in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4904: nginx-ui's Unauthenticated MCP Endpoint Allows Remote Nginx Takeover in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4906: nginx-ui has Race Condition that Leads to Persistent Data Corruption and Service Collapse in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4907: Nginx Configuration Directory Vulnerable to Recursive Deletion via Improper Path Validation in github.com/0xJacky/Nginx-UI
Alert  GO-2026-5210: Nginx-UI: Cross-Site WebSocket Hijacking (CSWSH) via missing origin validation on all WebSocket endpoints in github.com/0xJacky/Nginx-UI
Alert  GO-2026-5227: Nginx-UI: Authenticated settings disclosure exposes node.secret and enables trusted-node authentication abuse, backup exfiltration, and restore-based nginx-ui state rollback in github.com/0xJacky/Nginx-UI
Alert  GO-2026-5412: Nginx-UI: Unauthenticated First-Run Installer Allows Remote Initial Admin Claim in github.com/0xJacky/Nginx-UI
Alert  GO-2026-5719: Nginx-UI has Server-Side Request Forgery (SSRF) via Cluster Proxy Middleware that Allows Access to Internal Services in github.com/0xJacky/Nginx-UI
Alert  GO-2026-5733: Nginx-UI: Disabled users retain full API access through previously issued bearer tokens in github.com/0xJacky/Nginx-UI
Nov 5, 2022 GO-2024-2462 +15 more
Alert  GO-2024-2462: Arbitrary command execution in github.com/0xJacky/Nginx-UI
Alert  GO-2024-2463: SQL injection in github.com/0xJacky/Nginx-UI
Alert  GO-2024-2464: Remote command execution in github.com/0xJacky/Nginx-UI
Alert  GO-2024-2480: Nginx-UI vulnerable to authenticated RCE through injecting into the application config via CRLF in github.com/0xJacky/Nginx-UI
Alert  GO-2024-2481: Nginx-UI vulnerable to arbitrary file write through the Import Certificate feature in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4614: Nginx-UI Vulnerable to Unauthenticated Backup Download with Encryption Key Disclosure in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4902: nginx-ui Vulnerable to DoS via Negative Integer Input in Logrotate Interval in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4903: nginx-ui Backup Restore Allows Tampering with Encrypted Backups in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4904: nginx-ui's Unauthenticated MCP Endpoint Allows Remote Nginx Takeover in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4906: nginx-ui has Race Condition that Leads to Persistent Data Corruption and Service Collapse in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4907: Nginx Configuration Directory Vulnerable to Recursive Deletion via Improper Path Validation in github.com/0xJacky/Nginx-UI
Alert  GO-2026-5210: Nginx-UI: Cross-Site WebSocket Hijacking (CSWSH) via missing origin validation on all WebSocket endpoints in github.com/0xJacky/Nginx-UI
Alert  GO-2026-5227: Nginx-UI: Authenticated settings disclosure exposes node.secret and enables trusted-node authentication abuse, backup exfiltration, and restore-based nginx-ui state rollback in github.com/0xJacky/Nginx-UI
Alert  GO-2026-5412: Nginx-UI: Unauthenticated First-Run Installer Allows Remote Initial Admin Claim in github.com/0xJacky/Nginx-UI
Alert  GO-2026-5719: Nginx-UI has Server-Side Request Forgery (SSRF) via Cluster Proxy Middleware that Allows Access to Internal Services in github.com/0xJacky/Nginx-UI
Alert  GO-2026-5733: Nginx-UI: Disabled users retain full API access through previously issued bearer tokens in github.com/0xJacky/Nginx-UI
Oct 21, 2022 GO-2024-2462 +15 more
Alert  GO-2024-2462: Arbitrary command execution in github.com/0xJacky/Nginx-UI
Alert  GO-2024-2463: SQL injection in github.com/0xJacky/Nginx-UI
Alert  GO-2024-2464: Remote command execution in github.com/0xJacky/Nginx-UI
Alert  GO-2024-2480: Nginx-UI vulnerable to authenticated RCE through injecting into the application config via CRLF in github.com/0xJacky/Nginx-UI
Alert  GO-2024-2481: Nginx-UI vulnerable to arbitrary file write through the Import Certificate feature in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4614: Nginx-UI Vulnerable to Unauthenticated Backup Download with Encryption Key Disclosure in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4902: nginx-ui Vulnerable to DoS via Negative Integer Input in Logrotate Interval in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4903: nginx-ui Backup Restore Allows Tampering with Encrypted Backups in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4904: nginx-ui's Unauthenticated MCP Endpoint Allows Remote Nginx Takeover in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4906: nginx-ui has Race Condition that Leads to Persistent Data Corruption and Service Collapse in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4907: Nginx Configuration Directory Vulnerable to Recursive Deletion via Improper Path Validation in github.com/0xJacky/Nginx-UI
Alert  GO-2026-5210: Nginx-UI: Cross-Site WebSocket Hijacking (CSWSH) via missing origin validation on all WebSocket endpoints in github.com/0xJacky/Nginx-UI
Alert  GO-2026-5227: Nginx-UI: Authenticated settings disclosure exposes node.secret and enables trusted-node authentication abuse, backup exfiltration, and restore-based nginx-ui state rollback in github.com/0xJacky/Nginx-UI
Alert  GO-2026-5412: Nginx-UI: Unauthenticated First-Run Installer Allows Remote Initial Admin Claim in github.com/0xJacky/Nginx-UI
Alert  GO-2026-5719: Nginx-UI has Server-Side Request Forgery (SSRF) via Cluster Proxy Middleware that Allows Access to Internal Services in github.com/0xJacky/Nginx-UI
Alert  GO-2026-5733: Nginx-UI: Disabled users retain full API access through previously issued bearer tokens in github.com/0xJacky/Nginx-UI
Sep 24, 2022 GO-2024-2462 +15 more
Alert  GO-2024-2462: Arbitrary command execution in github.com/0xJacky/Nginx-UI
Alert  GO-2024-2463: SQL injection in github.com/0xJacky/Nginx-UI
Alert  GO-2024-2464: Remote command execution in github.com/0xJacky/Nginx-UI
Alert  GO-2024-2480: Nginx-UI vulnerable to authenticated RCE through injecting into the application config via CRLF in github.com/0xJacky/Nginx-UI
Alert  GO-2024-2481: Nginx-UI vulnerable to arbitrary file write through the Import Certificate feature in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4614: Nginx-UI Vulnerable to Unauthenticated Backup Download with Encryption Key Disclosure in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4902: nginx-ui Vulnerable to DoS via Negative Integer Input in Logrotate Interval in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4903: nginx-ui Backup Restore Allows Tampering with Encrypted Backups in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4904: nginx-ui's Unauthenticated MCP Endpoint Allows Remote Nginx Takeover in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4906: nginx-ui has Race Condition that Leads to Persistent Data Corruption and Service Collapse in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4907: Nginx Configuration Directory Vulnerable to Recursive Deletion via Improper Path Validation in github.com/0xJacky/Nginx-UI
Alert  GO-2026-5210: Nginx-UI: Cross-Site WebSocket Hijacking (CSWSH) via missing origin validation on all WebSocket endpoints in github.com/0xJacky/Nginx-UI
Alert  GO-2026-5227: Nginx-UI: Authenticated settings disclosure exposes node.secret and enables trusted-node authentication abuse, backup exfiltration, and restore-based nginx-ui state rollback in github.com/0xJacky/Nginx-UI
Alert  GO-2026-5412: Nginx-UI: Unauthenticated First-Run Installer Allows Remote Initial Admin Claim in github.com/0xJacky/Nginx-UI
Alert  GO-2026-5719: Nginx-UI has Server-Side Request Forgery (SSRF) via Cluster Proxy Middleware that Allows Access to Internal Services in github.com/0xJacky/Nginx-UI
Alert  GO-2026-5733: Nginx-UI: Disabled users retain full API access through previously issued bearer tokens in github.com/0xJacky/Nginx-UI
Sep 2, 2022 GO-2024-2462 +15 more
Alert  GO-2024-2462: Arbitrary command execution in github.com/0xJacky/Nginx-UI
Alert  GO-2024-2463: SQL injection in github.com/0xJacky/Nginx-UI
Alert  GO-2024-2464: Remote command execution in github.com/0xJacky/Nginx-UI
Alert  GO-2024-2480: Nginx-UI vulnerable to authenticated RCE through injecting into the application config via CRLF in github.com/0xJacky/Nginx-UI
Alert  GO-2024-2481: Nginx-UI vulnerable to arbitrary file write through the Import Certificate feature in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4614: Nginx-UI Vulnerable to Unauthenticated Backup Download with Encryption Key Disclosure in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4902: nginx-ui Vulnerable to DoS via Negative Integer Input in Logrotate Interval in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4903: nginx-ui Backup Restore Allows Tampering with Encrypted Backups in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4904: nginx-ui's Unauthenticated MCP Endpoint Allows Remote Nginx Takeover in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4906: nginx-ui has Race Condition that Leads to Persistent Data Corruption and Service Collapse in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4907: Nginx Configuration Directory Vulnerable to Recursive Deletion via Improper Path Validation in github.com/0xJacky/Nginx-UI
Alert  GO-2026-5210: Nginx-UI: Cross-Site WebSocket Hijacking (CSWSH) via missing origin validation on all WebSocket endpoints in github.com/0xJacky/Nginx-UI
Alert  GO-2026-5227: Nginx-UI: Authenticated settings disclosure exposes node.secret and enables trusted-node authentication abuse, backup exfiltration, and restore-based nginx-ui state rollback in github.com/0xJacky/Nginx-UI
Alert  GO-2026-5412: Nginx-UI: Unauthenticated First-Run Installer Allows Remote Initial Admin Claim in github.com/0xJacky/Nginx-UI
Alert  GO-2026-5719: Nginx-UI has Server-Side Request Forgery (SSRF) via Cluster Proxy Middleware that Allows Access to Internal Services in github.com/0xJacky/Nginx-UI
Alert  GO-2026-5733: Nginx-UI: Disabled users retain full API access through previously issued bearer tokens in github.com/0xJacky/Nginx-UI
Sep 1, 2022 GO-2024-2462 +15 more
Alert  GO-2024-2462: Arbitrary command execution in github.com/0xJacky/Nginx-UI
Alert  GO-2024-2463: SQL injection in github.com/0xJacky/Nginx-UI
Alert  GO-2024-2464: Remote command execution in github.com/0xJacky/Nginx-UI
Alert  GO-2024-2480: Nginx-UI vulnerable to authenticated RCE through injecting into the application config via CRLF in github.com/0xJacky/Nginx-UI
Alert  GO-2024-2481: Nginx-UI vulnerable to arbitrary file write through the Import Certificate feature in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4614: Nginx-UI Vulnerable to Unauthenticated Backup Download with Encryption Key Disclosure in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4902: nginx-ui Vulnerable to DoS via Negative Integer Input in Logrotate Interval in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4903: nginx-ui Backup Restore Allows Tampering with Encrypted Backups in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4904: nginx-ui's Unauthenticated MCP Endpoint Allows Remote Nginx Takeover in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4906: nginx-ui has Race Condition that Leads to Persistent Data Corruption and Service Collapse in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4907: Nginx Configuration Directory Vulnerable to Recursive Deletion via Improper Path Validation in github.com/0xJacky/Nginx-UI
Alert  GO-2026-5210: Nginx-UI: Cross-Site WebSocket Hijacking (CSWSH) via missing origin validation on all WebSocket endpoints in github.com/0xJacky/Nginx-UI
Alert  GO-2026-5227: Nginx-UI: Authenticated settings disclosure exposes node.secret and enables trusted-node authentication abuse, backup exfiltration, and restore-based nginx-ui state rollback in github.com/0xJacky/Nginx-UI
Alert  GO-2026-5412: Nginx-UI: Unauthenticated First-Run Installer Allows Remote Initial Admin Claim in github.com/0xJacky/Nginx-UI
Alert  GO-2026-5719: Nginx-UI has Server-Side Request Forgery (SSRF) via Cluster Proxy Middleware that Allows Access to Internal Services in github.com/0xJacky/Nginx-UI
Alert  GO-2026-5733: Nginx-UI: Disabled users retain full API access through previously issued bearer tokens in github.com/0xJacky/Nginx-UI
Sep 1, 2022 GO-2024-2462 +15 more
Alert  GO-2024-2462: Arbitrary command execution in github.com/0xJacky/Nginx-UI
Alert  GO-2024-2463: SQL injection in github.com/0xJacky/Nginx-UI
Alert  GO-2024-2464: Remote command execution in github.com/0xJacky/Nginx-UI
Alert  GO-2024-2480: Nginx-UI vulnerable to authenticated RCE through injecting into the application config via CRLF in github.com/0xJacky/Nginx-UI
Alert  GO-2024-2481: Nginx-UI vulnerable to arbitrary file write through the Import Certificate feature in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4614: Nginx-UI Vulnerable to Unauthenticated Backup Download with Encryption Key Disclosure in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4902: nginx-ui Vulnerable to DoS via Negative Integer Input in Logrotate Interval in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4903: nginx-ui Backup Restore Allows Tampering with Encrypted Backups in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4904: nginx-ui's Unauthenticated MCP Endpoint Allows Remote Nginx Takeover in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4906: nginx-ui has Race Condition that Leads to Persistent Data Corruption and Service Collapse in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4907: Nginx Configuration Directory Vulnerable to Recursive Deletion via Improper Path Validation in github.com/0xJacky/Nginx-UI
Alert  GO-2026-5210: Nginx-UI: Cross-Site WebSocket Hijacking (CSWSH) via missing origin validation on all WebSocket endpoints in github.com/0xJacky/Nginx-UI
Alert  GO-2026-5227: Nginx-UI: Authenticated settings disclosure exposes node.secret and enables trusted-node authentication abuse, backup exfiltration, and restore-based nginx-ui state rollback in github.com/0xJacky/Nginx-UI
Alert  GO-2026-5412: Nginx-UI: Unauthenticated First-Run Installer Allows Remote Initial Admin Claim in github.com/0xJacky/Nginx-UI
Alert  GO-2026-5719: Nginx-UI has Server-Side Request Forgery (SSRF) via Cluster Proxy Middleware that Allows Access to Internal Services in github.com/0xJacky/Nginx-UI
Alert  GO-2026-5733: Nginx-UI: Disabled users retain full API access through previously issued bearer tokens in github.com/0xJacky/Nginx-UI
Aug 18, 2022 GO-2024-2462 +15 more
Alert  GO-2024-2462: Arbitrary command execution in github.com/0xJacky/Nginx-UI
Alert  GO-2024-2463: SQL injection in github.com/0xJacky/Nginx-UI
Alert  GO-2024-2464: Remote command execution in github.com/0xJacky/Nginx-UI
Alert  GO-2024-2480: Nginx-UI vulnerable to authenticated RCE through injecting into the application config via CRLF in github.com/0xJacky/Nginx-UI
Alert  GO-2024-2481: Nginx-UI vulnerable to arbitrary file write through the Import Certificate feature in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4614: Nginx-UI Vulnerable to Unauthenticated Backup Download with Encryption Key Disclosure in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4902: nginx-ui Vulnerable to DoS via Negative Integer Input in Logrotate Interval in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4903: nginx-ui Backup Restore Allows Tampering with Encrypted Backups in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4904: nginx-ui's Unauthenticated MCP Endpoint Allows Remote Nginx Takeover in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4906: nginx-ui has Race Condition that Leads to Persistent Data Corruption and Service Collapse in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4907: Nginx Configuration Directory Vulnerable to Recursive Deletion via Improper Path Validation in github.com/0xJacky/Nginx-UI
Alert  GO-2026-5210: Nginx-UI: Cross-Site WebSocket Hijacking (CSWSH) via missing origin validation on all WebSocket endpoints in github.com/0xJacky/Nginx-UI
Alert  GO-2026-5227: Nginx-UI: Authenticated settings disclosure exposes node.secret and enables trusted-node authentication abuse, backup exfiltration, and restore-based nginx-ui state rollback in github.com/0xJacky/Nginx-UI
Alert  GO-2026-5412: Nginx-UI: Unauthenticated First-Run Installer Allows Remote Initial Admin Claim in github.com/0xJacky/Nginx-UI
Alert  GO-2026-5719: Nginx-UI has Server-Side Request Forgery (SSRF) via Cluster Proxy Middleware that Allows Access to Internal Services in github.com/0xJacky/Nginx-UI
Alert  GO-2026-5733: Nginx-UI: Disabled users retain full API access through previously issued bearer tokens in github.com/0xJacky/Nginx-UI
Aug 17, 2022 GO-2024-2462 +15 more
Alert  GO-2024-2462: Arbitrary command execution in github.com/0xJacky/Nginx-UI
Alert  GO-2024-2463: SQL injection in github.com/0xJacky/Nginx-UI
Alert  GO-2024-2464: Remote command execution in github.com/0xJacky/Nginx-UI
Alert  GO-2024-2480: Nginx-UI vulnerable to authenticated RCE through injecting into the application config via CRLF in github.com/0xJacky/Nginx-UI
Alert  GO-2024-2481: Nginx-UI vulnerable to arbitrary file write through the Import Certificate feature in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4614: Nginx-UI Vulnerable to Unauthenticated Backup Download with Encryption Key Disclosure in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4902: nginx-ui Vulnerable to DoS via Negative Integer Input in Logrotate Interval in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4903: nginx-ui Backup Restore Allows Tampering with Encrypted Backups in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4904: nginx-ui's Unauthenticated MCP Endpoint Allows Remote Nginx Takeover in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4906: nginx-ui has Race Condition that Leads to Persistent Data Corruption and Service Collapse in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4907: Nginx Configuration Directory Vulnerable to Recursive Deletion via Improper Path Validation in github.com/0xJacky/Nginx-UI
Alert  GO-2026-5210: Nginx-UI: Cross-Site WebSocket Hijacking (CSWSH) via missing origin validation on all WebSocket endpoints in github.com/0xJacky/Nginx-UI
Alert  GO-2026-5227: Nginx-UI: Authenticated settings disclosure exposes node.secret and enables trusted-node authentication abuse, backup exfiltration, and restore-based nginx-ui state rollback in github.com/0xJacky/Nginx-UI
Alert  GO-2026-5412: Nginx-UI: Unauthenticated First-Run Installer Allows Remote Initial Admin Claim in github.com/0xJacky/Nginx-UI
Alert  GO-2026-5719: Nginx-UI has Server-Side Request Forgery (SSRF) via Cluster Proxy Middleware that Allows Access to Internal Services in github.com/0xJacky/Nginx-UI
Alert  GO-2026-5733: Nginx-UI: Disabled users retain full API access through previously issued bearer tokens in github.com/0xJacky/Nginx-UI
Aug 12, 2022 GO-2024-2462 +15 more
Alert  GO-2024-2462: Arbitrary command execution in github.com/0xJacky/Nginx-UI
Alert  GO-2024-2463: SQL injection in github.com/0xJacky/Nginx-UI
Alert  GO-2024-2464: Remote command execution in github.com/0xJacky/Nginx-UI
Alert  GO-2024-2480: Nginx-UI vulnerable to authenticated RCE through injecting into the application config via CRLF in github.com/0xJacky/Nginx-UI
Alert  GO-2024-2481: Nginx-UI vulnerable to arbitrary file write through the Import Certificate feature in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4614: Nginx-UI Vulnerable to Unauthenticated Backup Download with Encryption Key Disclosure in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4902: nginx-ui Vulnerable to DoS via Negative Integer Input in Logrotate Interval in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4903: nginx-ui Backup Restore Allows Tampering with Encrypted Backups in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4904: nginx-ui's Unauthenticated MCP Endpoint Allows Remote Nginx Takeover in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4906: nginx-ui has Race Condition that Leads to Persistent Data Corruption and Service Collapse in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4907: Nginx Configuration Directory Vulnerable to Recursive Deletion via Improper Path Validation in github.com/0xJacky/Nginx-UI
Alert  GO-2026-5210: Nginx-UI: Cross-Site WebSocket Hijacking (CSWSH) via missing origin validation on all WebSocket endpoints in github.com/0xJacky/Nginx-UI
Alert  GO-2026-5227: Nginx-UI: Authenticated settings disclosure exposes node.secret and enables trusted-node authentication abuse, backup exfiltration, and restore-based nginx-ui state rollback in github.com/0xJacky/Nginx-UI
Alert  GO-2026-5412: Nginx-UI: Unauthenticated First-Run Installer Allows Remote Initial Admin Claim in github.com/0xJacky/Nginx-UI
Alert  GO-2026-5719: Nginx-UI has Server-Side Request Forgery (SSRF) via Cluster Proxy Middleware that Allows Access to Internal Services in github.com/0xJacky/Nginx-UI
Alert  GO-2026-5733: Nginx-UI: Disabled users retain full API access through previously issued bearer tokens in github.com/0xJacky/Nginx-UI
Aug 11, 2022 GO-2024-2462 +15 more
Alert  GO-2024-2462: Arbitrary command execution in github.com/0xJacky/Nginx-UI
Alert  GO-2024-2463: SQL injection in github.com/0xJacky/Nginx-UI
Alert  GO-2024-2464: Remote command execution in github.com/0xJacky/Nginx-UI
Alert  GO-2024-2480: Nginx-UI vulnerable to authenticated RCE through injecting into the application config via CRLF in github.com/0xJacky/Nginx-UI
Alert  GO-2024-2481: Nginx-UI vulnerable to arbitrary file write through the Import Certificate feature in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4614: Nginx-UI Vulnerable to Unauthenticated Backup Download with Encryption Key Disclosure in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4902: nginx-ui Vulnerable to DoS via Negative Integer Input in Logrotate Interval in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4903: nginx-ui Backup Restore Allows Tampering with Encrypted Backups in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4904: nginx-ui's Unauthenticated MCP Endpoint Allows Remote Nginx Takeover in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4906: nginx-ui has Race Condition that Leads to Persistent Data Corruption and Service Collapse in github.com/0xJacky/Nginx-UI
Alert  GO-2026-4907: Nginx Configuration Directory Vulnerable to Recursive Deletion via Improper Path Validation in github.com/0xJacky/Nginx-UI
Alert  GO-2026-5210: Nginx-UI: Cross-Site WebSocket Hijacking (CSWSH) via missing origin validation on all WebSocket endpoints in github.com/0xJacky/Nginx-UI
Alert  GO-2026-5227: Nginx-UI: Authenticated settings disclosure exposes node.secret and enables trusted-node authentication abuse, backup exfiltration, and restore-based nginx-ui state rollback in github.com/0xJacky/Nginx-UI
Alert  GO-2026-5412: Nginx-UI: Unauthenticated First-Run Installer Allows Remote Initial Admin Claim in github.com/0xJacky/Nginx-UI
Alert  GO-2026-5719: Nginx-UI has Server-Side Request Forgery (SSRF) via Cluster Proxy Middleware that Allows Access to Internal Services in github.com/0xJacky/Nginx-UI
Alert  GO-2026-5733: Nginx-UI: Disabled users retain full API access through previously issued bearer tokens in github.com/0xJacky/Nginx-UI

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL