Giters

XMCyber / nodetlv2020

A simple example of Node.js server with a login API that has an exploit that can expose it's user passwords file

Repository from Github https://github.comXMCyber/nodetlv2020Repository from Github https://github.comXMCyber/nodetlv2020

This project is a nestjs project, which contain a major security issue

It has 2 routes:

POST /login: receives username and password in json form.

Example:

{
    "username" : "tamar1", 
    "password" : "12345"
}

GET /images: receives an image file name and returns the image

Example:

GET /images?filePath=logo.png

About

A simple example of Node.js server with a login API that has an exploit that can expose it's user passwords file

Languages

Language:TypeScript 89.3%Language:JavaScript 10.7%