Data

Tools

Indexes

Applications

Experiments

Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

go

github.com/0xJacky/Nginx-UI

go

View on github.com · View on proxy.golang.org

Security Advisories for github.com/0xJacky/Nginx-UI in go

Critical
25 days ago

Nginx-UI is Vulnerable to Unauthenticated Remote Code Execution via Backup Restore GSA_kwCzR0hTQS00cHZnLXBycjMtOWN4cs4ABWSi

go github.com/0xJacky/nginx-ui
Moderate
25 days ago

Nginx-UI Settings API Exposes Protected Secrets GSA_kwCzR0hTQS1xNHc3LTU2aHItODNybc4ABWSh

go github.com/0xJacky/nginx-ui
High
25 days ago

Nginx-UI: Unauthenticated first-boot instance claim via POST /api/install allows remote bootstrap takeover GSA_kwCzR0hTQS1teHFoLXE5aDYtdjhwcc4ABWSg

go github.com/0xJacky/nginx-ui
High
25 days ago

Nginx-UI: Unauthenticated First-Run Installer Allows Remote Initial Admin Claim GSA_kwCzR0hTQS1oMjd2LXBoN3ctbTlmcM4ABWSf

go github.com/0xJacky/Nginx-UI
Moderate
26 days ago

Nginx-UI: Authenticated settings disclosure exposes node.secret and enables trusted-node authentication abuse, backup exfiltration, and restore-based nginx-ui state rollback GSA_kwCzR0hTQS03anJyLXh3OWMtbWozOc4ABWNA

go github.com/0xJacky/Nginx-UI
High
about 1 month ago

Nginx-UI has Server-Side Request Forgery (SSRF) via Cluster Proxy Middleware that Allows Access to Internal Services GSA_kwCzR0hTQS13cjMyLTk5aGgtNmYzNc4ABV7X

go github.com/0xJacky/Nginx-UI
High
about 1 month ago

Nginx-UI: Cross-Site WebSocket Hijacking (CSWSH) via missing origin validation on all WebSocket endpoints GSA_kwCzR0hTQS03OG1mLTQ4MnctNjJxas4ABVgn

go github.com/0xJacky/Nginx-UI
High
about 1 month ago

Nginx-UI: Disabled users retain full API access through previously issued bearer tokens GSA_kwCzR0hTQS14MjM0LXg1dnEtY2Myds4ABVgl

go github.com/0xJacky/Nginx-UI
Critical
2 months ago

nginx-ui's Unauthenticated MCP Endpoint Allows Remote Nginx Takeover GSA_kwCzR0hTQS1oNmMyLXgybTItbXdoZs4ABUdN

go github.com/0xJacky/Nginx-UI
High
2 months ago

nginx-UI has Unencrypted Storage of DNS API Tokens and ACME Private Keys GSA_kwCzR0hTQS01aGYyLXZoajYtZ2o5bc4ABUdM

go github.com/0xJacky/nginx-ui
Moderate
2 months ago

nginx-ui Vulnerable to DoS via Negative Integer Input in Logrotate Interval GSA_kwCzR0hTQS1jcDhyLThqdnctdjNxZ84ABUdL

go github.com/0xJacky/Nginx-UI
High
2 months ago

nginx-ui has Race Condition that Leads to Persistent Data Corruption and Service Collapse GSA_kwCzR0hTQS1tNDY4LXhjbTYtZnhnNM4ABUdK

go github.com/uozi-tech/cosy, github.com/0xJacky/Nginx-UI
Moderate
2 months ago

Nginx Configuration Directory Vulnerable to Recursive Deletion via Improper Path Validation GSA_kwCzR0hTQS1tOHA4LTUzdmYtODM1N84ABUdJ

go github.com/0xJacky/Nginx-UI
Critical
2 months ago

nginx-ui Backup Restore Allows Tampering with Encrypted Backups GSA_kwCzR0hTQS1maGgyLWdnN3ctZ3dwcc4ABUdI

go github.com/0xJacky/Nginx-UI
Critical
3 months ago

Nginx-UI Vulnerable to Unauthenticated Backup Download with Encryption Key Disclosure GSA_kwCzR0hTQS1nOXc1LXFmZmMtNjc2Ms4ABTO8

go github.com/0xJacky/Nginx-UI
High
over 2 years ago

Nginx-UI vulnerable to authenticated RCE through injecting into the application config via CRLF GSA_kwCzR0hTQS1xY2pxLTdmN3YtcHZjOM4AA47s

go github.com/0xJacky/Nginx-UI
Critical
over 2 years ago

Nginx-UI vulnerable to arbitrary file write through the Import Certificate feature GSA_kwCzR0hTQS14dnE5LTR2cHYtMjI3bc4AA47r

go github.com/0xJacky/Nginx-UI
High
over 2 years ago

Authenticated (user role) arbitrary command execution by modifying `start_cmd` setting (GHSL-2023-268) GSA_kwCzR0hTQS04cjI1LTY4d20tanczNc4AA4Y5

go github.com/0xJacky/Nginx-UI
High
over 2 years ago

Authenticated (user role) remote command execution by modifying `nginx` settings (GHSL-2023-269) GSA_kwCzR0hTQS1weG1yLXEyeDMtOXg5bc4AA4Y4

go github.com/0xJacky/Nginx-UI
High
over 2 years ago

Authenticated (user role) SQL injection in `OrderAndPaginate` (GHSL-2023-270) GSA_kwCzR0hTQS1oMzc0LW1tNTctODc5Y84AA4Y3

go github.com/0xJacky/Nginx-UI

Filter by Severity

High 11 Critical 5 Moderate 4