Get Started

run pnpm install on the root, backend, and frontend directories
run pnpm start:dev on the root directory

Vulnerabilities

This website is published on: https://axios-ssrf.onrender.com/

Server Side Request Forgery:

I specifically used a version of axios that is vulnerable to SSRF attacks.

Go to the search bar and type an absolute URL like http://example.com

Path Traversal:

The downloads middleware is vulnerable to path traversal attacks. Because this is not a conventional controller this can't be detected by the SAST tools (semgrep and checkmarx).

Name		Name	Last commit message	Last commit date
Latest commit History 37 Commits
.github/workflows		.github/workflows
backend		backend
frontend		frontend
.gitignore		.gitignore
.prettierignore		.prettierignore
.prettierrc		.prettierrc
LICENSE		LICENSE
README.md		README.md
eslint.config.mjs		eslint.config.mjs
loggingServer.js		loggingServer.js
package.json		package.json
pnpm-lock.yaml		pnpm-lock.yaml

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

Get Started

Vulnerabilities

This website is published on: https://axios-ssrf.onrender.com/

Server Side Request Forgery:

Path Traversal:

About

Uh oh!

Releases

Packages

Uh oh!

Uh oh!

Contributors

Uh oh!

Languages

Folders and files

Latest commit

History

Repository files navigation

Get Started

Vulnerabilities

This website is published on: https://axios-ssrf.onrender.com/

Server Side Request Forgery:

Path Traversal:

About

Resources

License

Uh oh!

Stars

Watchers

Forks

Releases

Packages 0

Uh oh!

Uh oh!

Contributors

Uh oh!

Languages

Packages