admin/Awesome-POC
1
0
Fork 0
mirror of https://github.com/Threekiii/Awesome-POC.git synced 2025-08-12 19:16:05 +00:00
Code Issues Packages Projects Releases Wiki Activity

add images for CVE-2024-1561

Browse Source
This commit is contained in:
Threekiii 2025-05-26 16:25:58 +08:00
parent a53d4b2083
commit 9bbf897d24
4 changed files with 4 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
开发语言漏洞/Python Gradio 任意文件读取漏洞 CVE-2024-1561.md
View File

@ -29,6 +29,8 @@ docker compose up -d
环境启动后,默认未开启身份验证。你可以通过 `http://your-ip:7860` 访问该应用。
![](images/Python%20Gradio%20任意文件读取漏洞%20CVE-2024-1561/image-20250526162213787.png)
## 漏洞复现
首先,访问 `/config` 接口,获取一个组件的 `id` 字段,例如 `3`

2
开发语言漏洞/Python Gradio 目录穿越漏洞 CVE-2023-51449.md
View File

@ -27,6 +27,8 @@ docker compose up -d
环境启动后,默认未开启身份验证。你可以通过 `http://your-ip:7860` 访问该应用。
![](images/Python%20Gradio%20目录穿越漏洞%20CVE-2023-51449/image-20250526162114711.png)
## 漏洞复现
首先,使用 upload 接口上传任意文件,获取一个可访问的文件路径。

BIN
开发语言漏洞/images/Python Gradio 任意文件读取漏洞 CVE-2024-1561/image-20250526162213787.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 150 KiB

BIN
开发语言漏洞/images/Python Gradio 目录穿越漏洞 CVE-2023-51449/image-20250526162114711.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 156 KiB