Affected by GO-2024-2480 and 12 other vulnerabilities

GO-2024-2480: Nginx-UI vulnerable to authenticated RCE through injecting into the application config via CRLF in github.com/0xJacky/Nginx-UI

GO-2024-2481: Nginx-UI vulnerable to arbitrary file write through the Import Certificate feature in github.com/0xJacky/Nginx-UI

GO-2026-4614: Nginx-UI Vulnerable to Unauthenticated Backup Download with Encryption Key Disclosure in github.com/0xJacky/Nginx-UI

GO-2026-4902: nginx-ui Vulnerable to DoS via Negative Integer Input in Logrotate Interval in github.com/0xJacky/Nginx-UI

GO-2026-4903: nginx-ui Backup Restore Allows Tampering with Encrypted Backups in github.com/0xJacky/Nginx-UI

GO-2026-4904: nginx-ui's Unauthenticated MCP Endpoint Allows Remote Nginx Takeover in github.com/0xJacky/Nginx-UI

GO-2026-4906: nginx-ui has Race Condition that Leads to Persistent Data Corruption and Service Collapse in github.com/0xJacky/Nginx-UI

GO-2026-4907: Nginx Configuration Directory Vulnerable to Recursive Deletion via Improper Path Validation in github.com/0xJacky/Nginx-UI

GO-2026-5210: Nginx-UI: Cross-Site WebSocket Hijacking (CSWSH) via missing origin validation on all WebSocket endpoints in github.com/0xJacky/Nginx-UI

GO-2026-5227: Nginx-UI: Authenticated settings disclosure exposes node.secret and enables trusted-node authentication abuse, backup exfiltration, and restore-based nginx-ui state rollback in github.com/0xJacky/Nginx-UI

GO-2026-5412: Nginx-UI: Unauthenticated First-Run Installer Allows Remote Initial Admin Claim in github.com/0xJacky/Nginx-UI

GO-2026-5719: Nginx-UI has Server-Side Request Forgery (SSRF) via Cluster Proxy Middleware that Allows Access to Internal Services in github.com/0xJacky/Nginx-UI

GO-2026-5733: Nginx-UI: Disabled users retain full API access through previously issued bearer tokens in github.com/0xJacky/Nginx-UI

query

package

v1.9.9 Latest Latest Go to latest Published: May 5, 2023 License: AGPL-3.0 Imports: 10 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/0xJacky/Nginx-UI

Links

Open Source Insights

Documentation ¶

Index ¶

Variables
func Init(db *gorm.DB)
func SetDefault(db *gorm.DB, opts ...gen.DOOption)
type Query
- func Use(db *gorm.DB, opts ...gen.DOOption) *Query
type QueryTx

Constants ¶

This section is empty.

Variables ¶

View Source

var (
	Q             = new(Query)
	Auth          *auth
	AuthToken     *authToken
	Cert          *cert
	ChatGPTLog    *chatGPTLog
	ConfigBackup  *configBackup
	DnsCredential *dnsCredential
	Site          *site
)

Functions ¶

func Init ¶

func Init(db *gorm.DB)

func SetDefault ¶

func SetDefault(db *gorm.DB, opts ...gen.DOOption)

Types ¶

type Query ¶

type Query struct {
	Auth          auth
	AuthToken     authToken
	Cert          cert
	ChatGPTLog    chatGPTLog
	ConfigBackup  configBackup
	DnsCredential dnsCredential
	Site          site
	// contains filtered or unexported fields
}

func Use ¶

func Use(db *gorm.DB, opts ...gen.DOOption) *Query

func (*Query) Available ¶

func (q *Query) Available() bool

func (*Query) Begin ¶

func (q *Query) Begin(opts ...*sql.TxOptions) *QueryTx

func (*Query) ReadDB ¶

func (q *Query) ReadDB() *Query

func (*Query) ReplaceDB ¶

func (q *Query) ReplaceDB(db *gorm.DB) *Query

func (*Query) Transaction ¶

func (q *Query) Transaction(fc func(tx *Query) error, opts ...*sql.TxOptions) error

func (*Query) WithContext ¶

func (q *Query) WithContext(ctx context.Context) *queryCtx

func (*Query) WriteDB ¶

func (q *Query) WriteDB() *Query

type QueryTx ¶

type QueryTx struct{ *Query }

func (*QueryTx) Commit ¶

func (q *QueryTx) Commit() error

func (*QueryTx) Rollback ¶

func (q *QueryTx) Rollback() error

func (*QueryTx) RollbackTo ¶

func (q *QueryTx) RollbackTo(name string) error

func (*QueryTx) SavePoint ¶

func (q *QueryTx) SavePoint(name string) error

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL