随笔分类 - 漏洞报告
摘要:## intro Any user can update the number of questions they are allowed to ask. ## PoC There is no access limitation for users to charge their question
阅读全文
摘要:## intro Create a new user while specifying a nonexistent expire field to gain membership privileges. You can learn about the existing fields in the d
阅读全文
摘要:## intro Least Privilege Violation, control any invitations to refresh the attacker's own balance or create a new account with a specified high number
阅读全文
摘要:## Intro On the management side, ordinary users experience privilege leakage, allowing them to add new accounts. As a result, they exceed their author
阅读全文
摘要:Introduction In the springboot-openai-chatgpt web application, any user can delete another user’s chat history. Proof of Concept (POC) Figures 1 and 2
阅读全文
