avcs.json
[
{
"number": 1,
"vuln": "Open-Redirect",
"codename": "Free deflect",
"code": {
"vuln": "https://raw.githubusercontent.com/Acceis/vulnerable-code-snippets/master/open-redirect/app.vuln.rb",
"fix": "https://raw.githubusercontent.com/Acceis/vulnerable-code-snippets/master/open-redirect/app.fix.rb",
"lang": "ruby",
"source": "https://github.com/Acceis/vulnerable-code-snippets/tree/master/open-redirects"
},
"keywords": ["open-redirect", "regexp", "unicode", "line-feed", "ruby", "roda"],
"announcement": {
"fr": "https://twitter.com/acceis/status/1620096659282853892",
"en": "https://twitter.com/acceis/status/1620096662265016321"
},
"solution": {
"fr": "https://www.acceis.fr/solution-de-lextrait-de-code-vulnerable-n1",
"en": "https://www.acceis.fr/solution-for-the-vulnerable-code-snippet-n1"
}
},
{
"number": 2,
"vuln": "XSS",
"codename": "Blog à blagues",
"code": {
"vuln": "https://raw.githubusercontent.com/Acceis/vulnerable-code-snippets/master/case-transformation-collision/app.vuln.rb",
"fix": "https://raw.githubusercontent.com/Acceis/vulnerable-code-snippets/master/case-transformation-collision/app.fix.rb",
"lang": "ruby",
"source": "https://github.com/Acceis/vulnerable-code-snippets/tree/master/case-transformation-collision"
},
"keywords": ["case-transformation", "collision", "unicode", "xss", "normalization", "ruby", "roda"],
"announcement": {
"fr": "https://twitter.com/acceis/status/1630193980091559937",
"en": "https://twitter.com/acceis/status/1630193982377426944"
},
"solution": {
"fr": "https://www.acceis.fr/solution-de-lextrait-de-code-vulnerable-n2/",
"en": "https://www.acceis.fr/solution-for-the-vulnerable-code-snippet-n2/"
}
},
{
"number": 3,
"vuln": "Broken Access Control",
"codename": "Secret manager",
"code": {
"vuln": "https://raw.githubusercontent.com/Acceis/vulnerable-code-snippets/master/access-control/app.vuln.js",
"fix": "https://raw.githubusercontent.com/Acceis/vulnerable-code-snippets/master/access-control/app.fix.js",
"lang": "javascript",
"source": "https://github.com/Acceis/vulnerable-code-snippets/tree/master/access-control"
},
"keywords": ["access-control", "express", "node.js", "route"],
"announcement": {
"fr": "https://twitter.com/acceis/status/1647981700218077185",
"en": "https://twitter.com/acceis/status/1647981702235422720"
},
"solution": {
"fr": "https://www.acceis.fr/solution-de-lextrait-de-code-vulnerable-n3/",
"en": "https://www.acceis.fr/solution-for-the-vulnerable-code-snippet-n3/"
}
},
{
"number": 4,
"vuln": "SSRF",
"codename": "Admin area",
"code": {
"vuln": "https://raw.githubusercontent.com/Acceis/vulnerable-code-snippets/master/inconsistent-values/app.vuln.rb",
"fix": "https://raw.githubusercontent.com/Acceis/vulnerable-code-snippets/master/inconsistent-values/app.fix.rb",
"lang": "ruby",
"source": "https://github.com/Acceis/vulnerable-code-snippets/tree/master/inconsistent-values"
},
"keywords": ["inconsistent-values", "ssrf", "url-parsing", "bypass", "ruby", "roda"],
"announcement": {
"fr": "https://twitter.com/acceis/status/1660582304572481541",
"en": "https://twitter.com/acceis/status/1660582306875158529"
},
"solution": {
"fr": "https://www.acceis.fr/solution-de-lextrait-de-code-vulnerable-n4/",
"en": "https://www.acceis.fr/solution-for-the-vulnerable-code-snippet-n4/"
}
},
{
"number": 5,
"vuln": "SSRF",
"codename": "My little proxy",
"code": {
"vuln": "https://raw.githubusercontent.com/Acceis/vulnerable-code-snippets/master/dns-rebinding/app.vuln.rb",
"fix": "https://raw.githubusercontent.com/Acceis/vulnerable-code-snippets/master/dns-rebinding/app.fix.rb",
"lang": "ruby",
"source": "https://github.com/Acceis/vulnerable-code-snippets/tree/master/dns-rebinding"
},
"keywords": ["dns", "ssrf", "rebinding", "bypass", "ruby", "roda"],
"announcement": {
"fr": "https://twitter.com/acceis/status/1670810535300853766",
"en": "https://twitter.com/acceis/status/1670810537947529219"
},
"solution": {
"fr": "https://www.acceis.fr/solution-de-lextrait-de-code-vulnerable-n5",
"en": "https://www.acceis.fr/solution-for-the-vulnerable-code-snippet-n5"
}
},
{
"number": 6,
"vuln": "Resource Injection",
"codename": "Pigments",
"code": {
"vuln": "https://raw.githubusercontent.com/Acceis/vulnerable-code-snippets/master/authentication-bypass/app.vuln.php",
"fix": "https://raw.githubusercontent.com/Acceis/vulnerable-code-snippets/master/authentication-bypass/app.fix.php",
"lang": "php",
"source": "https://github.com/Acceis/vulnerable-code-snippets/tree/master/authentication-bypass"
},
"keywords": ["resource-injection", "authentication", "bypass", "php", "backdoor"],
"announcement": {
"fr": "https://twitter.com/acceis/status/1682008440766443525",
"en": "https://twitter.com/acceis/status/1682008443354333184"
},
"solution": {
"fr": "https://www.acceis.fr/solution-de-lextrait-de-code-vulnerable-n6",
"en": "https://www.acceis.fr/solution-for-the-vulnerable-code-snippet-n6"
}
},
{
"number": 7,
"vuln": "Local file disclosure",
"codename": "Polygons",
"code": {
"vuln": "https://raw.githubusercontent.com/Acceis/vulnerable-code-snippets/master/local-file-disclosure/examples/app-vuln.rs",
"fix": "https://raw.githubusercontent.com/Acceis/vulnerable-code-snippets/master/local-file-disclosure/examples/app-fix.rs",
"lang": "rust",
"source": "https://github.com/Acceis/vulnerable-code-snippets/tree/master/local-file-disclosure"
},
"keywords": ["local-file-disclosure", "path-traversal", "improper-limitation", "rust", "permissive-regexp"],
"announcement": {
"fr": "https://twitter.com/acceis/status/1620096659282853892",
"en": "https://twitter.com/acceis/status/1620096662265016321"
},
"solution": {
"fr": "https://www.acceis.fr/solution-de-lextrait-de-code-vulnerable-n7",
"en": "https://www.acceis.fr/solution-for-the-vulnerable-code-snippet-n7"
}
}
]