{"name":"SlopEmu","version":"0.2.0","path_model":"/site/{scenario}/","total_scenarios":104,"urls":["http://gapbench.vibe-eval.com/site/ai-startup/","http://gapbench.vibe-eval.com/site/indie-saas/","http://gapbench.vibe-eval.com/site/hosting-panel-bypass/","http://gapbench.vibe-eval.com/site/enterprise-legacy/","http://gapbench.vibe-eval.com/site/supabase-clone/","http://gapbench.vibe-eval.com/site/naked-postgres/","http://gapbench.vibe-eval.com/site/nextjs-app/","http://gapbench.vibe-eval.com/site/graphql-api/","http://gapbench.vibe-eval.com/site/fintech-app/","http://gapbench.vibe-eval.com/site/ecommerce-advanced/","http://gapbench.vibe-eval.com/site/devops-leak/","http://gapbench.vibe-eval.com/site/poisoned-ci-action/","http://gapbench.vibe-eval.com/site/staging-env/","http://gapbench.vibe-eval.com/site/cors-misconfig/","http://gapbench.vibe-eval.com/site/mobile-backend/","http://gapbench.vibe-eval.com/site/multi-tenant-saas/","http://gapbench.vibe-eval.com/site/cms-platform/","http://gapbench.vibe-eval.com/site/auth-system/","http://gapbench.vibe-eval.com/site/internal-tools/","http://gapbench.vibe-eval.com/site/analytics-dashboard/","http://gapbench.vibe-eval.com/site/file-upload/","http://gapbench.vibe-eval.com/site/chat-app/","http://gapbench.vibe-eval.com/site/config-leak/","http://gapbench.vibe-eval.com/site/git-exposed/","http://gapbench.vibe-eval.com/site/feature-flags/","http://gapbench.vibe-eval.com/site/hybrid-modern/","http://gapbench.vibe-eval.com/site/agent-tool-abuse/","http://gapbench.vibe-eval.com/site/rag-poisoning/","http://gapbench.vibe-eval.com/site/mcp-open/","http://gapbench.vibe-eval.com/site/vector-db-leak/","http://gapbench.vibe-eval.com/site/oauth-redirect/","http://gapbench.vibe-eval.com/site/password-reset-flaws/","http://gapbench.vibe-eval.com/site/jwt-alg-confusion/","http://gapbench.vibe-eval.com/site/magic-link-otp/","http://gapbench.vibe-eval.com/site/ssrf-image-proxy/","http://gapbench.vibe-eval.com/site/sqli-raw/","http://gapbench.vibe-eval.com/site/nosql-injection/","http://gapbench.vibe-eval.com/site/ssti/","http://gapbench.vibe-eval.com/site/mass-assignment/","http://gapbench.vibe-eval.com/site/open-redirect/","http://gapbench.vibe-eval.com/site/xxe-svg/","http://gapbench.vibe-eval.com/site/zip-slip/","http://gapbench.vibe-eval.com/site/webhook-unverified/","http://gapbench.vibe-eval.com/site/stripe-paid-trust/","http://gapbench.vibe-eval.com/site/swagger-exposed/","http://gapbench.vibe-eval.com/site/sentry-dsn-leak/","http://gapbench.vibe-eval.com/site/prototype-pollution/","http://gapbench.vibe-eval.com/site/postmessage-no-origin/","http://gapbench.vibe-eval.com/site/csp-missing/","http://gapbench.vibe-eval.com/site/csrf-missing/","http://gapbench.vibe-eval.com/site/s3-public-bucket/","http://gapbench.vibe-eval.com/site/subdomain-takeover/","http://gapbench.vibe-eval.com/site/redis-open/","http://gapbench.vibe-eval.com/site/mongo-open/","http://gapbench.vibe-eval.com/site/ref0/","http://gapbench.vibe-eval.com/site/agent-confused-deputy/","http://gapbench.vibe-eval.com/site/indirect-prompt-injection/","http://gapbench.vibe-eval.com/site/llm-html-rendering/","http://gapbench.vibe-eval.com/site/request-smuggling/","http://gapbench.vibe-eval.com/site/crlf-response-splitting/","http://gapbench.vibe-eval.com/site/cache-poisoning/","http://gapbench.vibe-eval.com/site/redos/","http://gapbench.vibe-eval.com/site/insecure-deser/","http://gapbench.vibe-eval.com/site/tls-downgrade/","http://gapbench.vibe-eval.com/site/weak-randomness/","http://gapbench.vibe-eval.com/site/cookie-scope-leak/","http://gapbench.vibe-eval.com/site/download-traversal/","http://gapbench.vibe-eval.com/site/ldap-injection/","http://gapbench.vibe-eval.com/site/xpath-injection/","http://gapbench.vibe-eval.com/site/email-mime-injection/","http://gapbench.vibe-eval.com/site/dom-clobbering/","http://gapbench.vibe-eval.com/site/dom-fragment-xss/","http://gapbench.vibe-eval.com/site/pdf-html-injection/","http://gapbench.vibe-eval.com/site/markdown-html-injection/","http://gapbench.vibe-eval.com/site/oauth-token-leak-referer/","http://gapbench.vibe-eval.com/site/pkce-downgrade/","http://gapbench.vibe-eval.com/site/weak-password-policy/","http://gapbench.vibe-eval.com/site/audit-log-tamper/","http://gapbench.vibe-eval.com/site/gcp-metadata-ssrf/","http://gapbench.vibe-eval.com/site/kube-dashboard-open/","http://gapbench.vibe-eval.com/site/grpc-reflection/","http://gapbench.vibe-eval.com/site/websocket-no-origin/","http://gapbench.vibe-eval.com/site/dns-rebinding/","http://gapbench.vibe-eval.com/site/clipboard-paste-xss/","http://gapbench.vibe-eval.com/site/prompt-leak-via-error/","http://gapbench.vibe-eval.com/site/tool-output-injection/","http://gapbench.vibe-eval.com/site/function-calling-arg-poison/","http://gapbench.vibe-eval.com/site/session-fixation/","http://gapbench.vibe-eval.com/site/email-change-no-reauth/","http://gapbench.vibe-eval.com/site/host-header-injection/","http://gapbench.vibe-eval.com/site/elasticsearch-open/","http://gapbench.vibe-eval.com/site/firebase-rules-open/","http://gapbench.vibe-eval.com/site/weak-jwt-secret/","http://gapbench.vibe-eval.com/site/race-condition-balance/","http://gapbench.vibe-eval.com/site/ref-oauth/","http://gapbench.vibe-eval.com/site/ref-jwt/","http://gapbench.vibe-eval.com/site/ref-webhook/","http://gapbench.vibe-eval.com/site/ref-rls/","http://gapbench.vibe-eval.com/site/npm-typosquat/","http://gapbench.vibe-eval.com/site/docker-config-leak/","http://gapbench.vibe-eval.com/site/terraform-state-leak/","http://gapbench.vibe-eval.com/site/mcp-tool-spec-injection/","http://gapbench.vibe-eval.com/site/noisy-errors/","http://gapbench.vibe-eval.com/site/captcha-challenge/"],"scenarios":[{"id":"ai-startup","name":"AI Startup","host":"ai-startup","vulnerability":"Prompt + RAG Leakage","description":"Scrappy AI SaaS with exposed prompt config, debug env data, and a leaky support search.","path":"/site/ai-startup/","cwes":["CWE-200","CWE-306"]},{"id":"indie-saas","name":"Indie SaaS","host":"indie-saas","vulnerability":"BOLA + Secrets + Paid Bypass","description":"Solo-founder SaaS that exposes account data, billing config, client-trusted subscription upgrades, and a dashboard without auth.","path":"/site/indie-saas/","cwes":["CWE-639","CWE-602","CWE-200"]},{"id":"hosting-panel-bypass","name":"Hosting Panel Bypass","host":"hosting-panel-bypass","vulnerability":"Auth Bypass","description":"Hosting control panel that simulates a 2026-style session-loading authentication bypass on internet-exposed admin paths.","path":"/site/hosting-panel-bypass/","cwes":["CWE-288","CWE-306"]},{"id":"enterprise-legacy","name":"Enterprise Legacy","host":"enterprise-legacy","vulnerability":"Deprecated APIs + Backup Exposure","description":"Old internal stack with forgotten APIs, direct SQL dumps, and reports behind weak assumptions.","path":"/site/enterprise-legacy/","cwes":["CWE-538","CWE-200"]},{"id":"supabase-clone","name":"Supabase Clone","host":"supabase-clone","vulnerability":"Missing RLS + Config Leakage","description":"Project dashboard that loads profiles and storage metadata with an exposed anon config.","path":"/site/supabase-clone/","cwes":["CWE-862","CWE-200"]},{"id":"naked-postgres","name":"Naked Postgres","host":"naked-postgres","vulnerability":"Exposed Database Port","description":"Database console that simulates a publicly reachable Postgres service with weak network and auth settings.","path":"/site/naked-postgres/","cwes":["CWE-284","CWE-319","CWE-200"]},{"id":"nextjs-app","name":"Next.js App","host":"nextjs-app","vulnerability":"Source Maps + Public Config","description":"A modern frontend that advertises hidden flags and exposes build artifacts.","path":"/site/nextjs-app/","cwes":["CWE-200","CWE-540"]},{"id":"graphql-api","name":"GraphQL API","host":"graphql-api","vulnerability":"Introspection + Over-fetching","description":"GraphQL endpoint with enabled introspection and sensitive fields accessible to anonymous callers.","path":"/site/graphql-api/","cwes":["CWE-200","CWE-862"]},{"id":"fintech-app","name":"Fintech App","host":"fintech-app","vulnerability":"IDOR + Balance Tampering","description":"Wallet UI that preloads another customer account and accepts weak amount validation.","path":"/site/fintech-app/","cwes":["CWE-639","CWE-20"]},{"id":"ecommerce-advanced","name":"Ecommerce Advanced","host":"ecommerce-advanced","vulnerability":"Price Tampering + Coupon Abuse","description":"Checkout flow that trusts client totals, weak email validation, and exposed order lookups.","path":"/site/ecommerce-advanced/","cwes":["CWE-602","CWE-639"]},{"id":"devops-leak","name":"DevOps Leak","host":"devops-leak","vulnerability":"Backup + CI Leakage","description":"Operations panel with deploy workflow files, verbose logs, and a downloadable backup archive.","path":"/site/devops-leak/","cwes":["CWE-538","CWE-200"]},{"id":"poisoned-ci-action","name":"Poisoned CI Action","host":"poisoned-ci-action","vulnerability":"CI Supply Chain","description":"Release pipeline that simulates compromised automation credentials, retagged actions, and leaked workflow secrets.","path":"/site/poisoned-ci-action/","cwes":["CWE-522","CWE-829"]},{"id":"staging-env","name":"Staging Env","host":"staging-env","vulnerability":"Open Staging + Weak Auth","description":"Staging UI that automatically loads internal users and skips normal gatekeeping.","path":"/site/staging-env/","cwes":["CWE-306","CWE-200"]},{"id":"cors-misconfig","name":"CORS Misconfig","host":"cors-misconfig","vulnerability":"Wildcard Origin + Credentials","description":"API playground that highlights a permissive credentialed CORS policy.","path":"/site/cors-misconfig/","cwes":["CWE-942","CWE-306"]},{"id":"mobile-backend","name":"Mobile Backend","host":"mobile-backend","vulnerability":"Header Bypass + Hardcoded Keys","description":"Backend docs that encourage trusting mobile headers and exposing versioned admin APIs.","path":"/site/mobile-backend/","cwes":["CWE-290","CWE-798"]},{"id":"multi-tenant-saas","name":"Multi Tenant SaaS","host":"multi-tenant-saas","vulnerability":"Tenant Isolation Failure","description":"Tenant switcher that happily loads users from another org when the ID changes.","path":"/site/multi-tenant-saas/","cwes":["CWE-284","CWE-639"]},{"id":"cms-platform","name":"CMS Platform","host":"cms-platform","vulnerability":"Stored + Form XSS","description":"Simple editorial dashboard that stores unsafe HTML and reflects form preview content back into raw HTML.","path":"/site/cms-platform/","cwes":["CWE-79","CWE-602"]},{"id":"auth-system","name":"Auth System","host":"auth-system","vulnerability":"JWT Debug Leakage","description":"Login panel with weak email validation, reusable tokens, and a leaked signing secret.","path":"/site/auth-system/","cwes":["CWE-287","CWE-798"]},{"id":"internal-tools","name":"Internal Tools","host":"internal-tools","vulnerability":"Ops Dashboard Exposure","description":"No-login operations console with internal APIs and support shortcuts rendered on load.","path":"/site/internal-tools/","cwes":["CWE-306","CWE-200"]},{"id":"analytics-dashboard","name":"Analytics Dashboard","host":"analytics-dashboard","vulnerability":"Sensitive Metrics Exposure","description":"Open metrics board that fetches revenue and customer health data on first paint.","path":"/site/analytics-dashboard/","cwes":["CWE-200","CWE-306"]},{"id":"file-upload","name":"File Upload Service","host":"file-upload","vulnerability":"Unrestricted Upload + Traversal","description":"Upload widget that accepts arbitrary names, weak content checks, and traversal-style reads.","path":"/site/file-upload/","cwes":["CWE-434","CWE-22"]},{"id":"chat-app","name":"Chat App","host":"chat-app","vulnerability":"Stored XSS + Message Leakage","description":"Shared chat room that stores raw HTML and leaks other room traffic into the default view.","path":"/site/chat-app/","cwes":["CWE-79","CWE-200"]},{"id":"config-leak","name":"Config Leak","host":"config-leak","vulnerability":"Debug Config Exposure","description":"Settings page that loads environment, feature flags, and internal hostnames into the browser.","path":"/site/config-leak/","cwes":["CWE-200","CWE-489"]},{"id":"git-exposed","name":"Git Exposed","host":"git-exposed","vulnerability":".git Exposure","description":"Minimal site whose public surface includes live repository metadata files.","path":"/site/git-exposed/","cwes":["CWE-200","CWE-538"]},{"id":"feature-flags","name":"Feature Flag App","host":"feature-flags","vulnerability":"Unsafe Client Flags","description":"Frontend boot script enables admin and bypass flows before the server checks anything.","path":"/site/feature-flags/","cwes":["CWE-602","CWE-306"]},{"id":"hybrid-modern","name":"Hybrid Modern App","host":"hybrid-modern","vulnerability":"Mixed Secure and Insecure Flows","description":"Calibration target with intentionally mixed results so scanners can measure precision as well as recall.","path":"/site/hybrid-modern/","cwes":["CWE-200","CWE-602"]},{"id":"agent-tool-abuse","name":"Agent Tool Abuse","host":"agent-tool-abuse","vulnerability":"LLM Tool Hijack","description":"Chat agent concatenates user input into the system prompt and exposes shell, fetch, and fs tools that anyone can drive.","path":"/site/agent-tool-abuse/","cwes":["CWE-77","CWE-94"]},{"id":"rag-poisoning","name":"RAG Poisoning","host":"rag-poisoning","vulnerability":"Public Index Poisoning","description":"Knowledge base accepts public uploads and treats poisoned chunks as authoritative answers.","path":"/site/rag-poisoning/","cwes":["CWE-77","CWE-200"]},{"id":"mcp-open","name":"Open MCP Server","host":"mcp-open","vulnerability":"Unauth MCP Tools","description":"Internet-reachable MCP server with no auth that exposes shell.exec, db.query, and secrets.read.","path":"/site/mcp-open/","cwes":["CWE-306","CWE-200"]},{"id":"vector-db-leak","name":"Vector DB Leak","host":"vector-db-leak","vulnerability":"Vector Key + Cross-Tenant","description":"Frontend ships a Pinecone key and the search endpoint accepts a wildcard namespace across tenants.","path":"/site/vector-db-leak/","cwes":["CWE-798","CWE-200"]},{"id":"oauth-redirect","name":"OAuth Redirect","host":"oauth-redirect","vulnerability":"Open redirect_uri + No State","description":"OAuth authorize endpoint trusts arbitrary redirect_uri values and never verifies state or PKCE.","path":"/site/oauth-redirect/","cwes":["CWE-601","CWE-1275"]},{"id":"password-reset-flaws","name":"Password Reset Flaws","host":"password-reset-flaws","vulnerability":"Recovery Token Weakness","description":"Reset flow leaks account existence, ships tokens in URLs, and accepts predictable 6-digit values.","path":"/site/password-reset-flaws/","cwes":["CWE-640","CWE-204"]},{"id":"jwt-alg-confusion","name":"JWT Alg Confusion","host":"jwt-alg-confusion","vulnerability":"alg=none + kid Traversal","description":"Verifier accepts alg=none and dereferences attacker-controlled kid paths.","path":"/site/jwt-alg-confusion/","cwes":["CWE-347","CWE-327"]},{"id":"magic-link-otp","name":"Magic Link \u0026 OTP","host":"magic-link-otp","vulnerability":"Brute-forceable Auth Codes","description":"Passwordless flow with no rate limit, 6-digit OTP, and reusable long-TTL magic links.","path":"/site/magic-link-otp/","cwes":["CWE-307","CWE-294"]},{"id":"ssrf-image-proxy","name":"SSRF Image Proxy","host":"ssrf-image-proxy","vulnerability":"Server-Side Request Forgery","description":"Avatar resizer fetches arbitrary URLs including cloud metadata, internal services, and file://.","path":"/site/ssrf-image-proxy/","cwes":["CWE-918"]},{"id":"sqli-raw","name":"Raw SQL Injection","host":"sqli-raw","vulnerability":"SQL Injection","description":"User search builds SQL by string concatenation and reflects errors back to the client.","path":"/site/sqli-raw/","cwes":["CWE-89"]},{"id":"nosql-injection","name":"NoSQL Operator Injection","host":"nosql-injection","vulnerability":"Mongo Operator Injection","description":"Login passes JSON sub-objects into Mongo so $ne/$gt operators bypass authentication.","path":"/site/nosql-injection/","cwes":["CWE-943"]},{"id":"ssti","name":"Server-Side Template Injection","host":"ssti","vulnerability":"Template Injection","description":"Newsletter previewer evaluates user-supplied templates with access to env globals.","path":"/site/ssti/","cwes":["CWE-94","CWE-1336"]},{"id":"mass-assignment","name":"Mass Assignment","host":"mass-assignment","vulnerability":"Unrestricted Field Update","description":"Profile PATCH spreads request body into the user record and lets clients write is_admin.","path":"/site/mass-assignment/","cwes":["CWE-915"]},{"id":"open-redirect","name":"Open Redirect","host":"open-redirect","vulnerability":"Unvalidated next= Param","description":"Login callback honors any next URL, including protocol-relative and javascript: payloads.","path":"/site/open-redirect/","cwes":["CWE-601"]},{"id":"xxe-svg","name":"XXE in SVG","host":"xxe-svg","vulnerability":"XML External Entities","description":"SVG parser resolves external entities and embeds their contents into the rendered output.","path":"/site/xxe-svg/","cwes":["CWE-611"]},{"id":"zip-slip","name":"Zip Slip","host":"zip-slip","vulnerability":"Archive Path Traversal","description":"Archive importer writes entries using their raw filenames, escaping the upload directory.","path":"/site/zip-slip/","cwes":["CWE-22","CWE-434"]},{"id":"webhook-unverified","name":"Webhook Unverified","host":"webhook-unverified","vulnerability":"Webhook Signature Bypass","description":"Stripe and GitHub webhook handlers skip signature checks or use weak ==.","path":"/site/webhook-unverified/","cwes":["CWE-345","CWE-347"]},{"id":"stripe-paid-trust","name":"Stripe Paid-Param Trust","host":"stripe-paid-trust","vulnerability":"Client-Trusted Payment Flag","description":"Checkout success page upgrades plans based on URL query params instead of verifying with Stripe.","path":"/site/stripe-paid-trust/","cwes":["CWE-602"]},{"id":"swagger-exposed","name":"Swagger UI Exposed","host":"swagger-exposed","vulnerability":"API Doc Exposure","description":"Swagger UI is reachable with a pre-filled bearer token and lists every admin endpoint.","path":"/site/swagger-exposed/","cwes":["CWE-200","CWE-306"]},{"id":"sentry-dsn-leak","name":"Sentry / Telemetry Keys","host":"sentry-dsn-leak","vulnerability":"Telemetry Key Exposure","description":"Frontend bundle exposes Sentry DSN, PostHog write key, and Datadog client token.","path":"/site/sentry-dsn-leak/","cwes":["CWE-200","CWE-798"]},{"id":"prototype-pollution","name":"Prototype Pollution","host":"prototype-pollution","vulnerability":"Object Prototype Pollution","description":"Deep-merge endpoint walks __proto__ keys, polluting global config and feature flags.","path":"/site/prototype-pollution/","cwes":["CWE-1321"]},{"id":"postmessage-no-origin","name":"postMessage No Origin","host":"postmessage-no-origin","vulnerability":"Cross-Window Message Trust","description":"Parent page accepts postMessage events from any origin and runs privileged actions.","path":"/site/postmessage-no-origin/","cwes":["CWE-346","CWE-940"]},{"id":"csp-missing","name":"Missing CSP / Headers","host":"csp-missing","vulnerability":"Security Headers Absent","description":"Responses ship without CSP, X-Frame-Options, or HSTS, enabling framing and inline scripts.","path":"/site/csp-missing/","cwes":["CWE-1021"]},{"id":"csrf-missing","name":"CSRF Missing","host":"csrf-missing","vulnerability":"Cross-Site Request Forgery","description":"Email change form has no CSRF token and the session cookie is set with SameSite=None.","path":"/site/csrf-missing/","cwes":["CWE-352"]},{"id":"s3-public-bucket","name":"Public S3 Bucket","host":"s3-public-bucket","vulnerability":"Public List + PUT","description":"User-content bucket grants ListBucket and PutObject to wildcard principal.","path":"/site/s3-public-bucket/","cwes":["CWE-732","CWE-200"]},{"id":"subdomain-takeover","name":"Subdomain Takeover","host":"subdomain-takeover","vulnerability":"Dangling DNS Record","description":"Marketing subdomain CNAMEs to a deleted Heroku app and is claimable by anyone.","path":"/site/subdomain-takeover/","cwes":["CWE-284","CWE-1395"]},{"id":"redis-open","name":"Open Redis","host":"redis-open","vulnerability":"Public Cache Exposure","description":"Redis bound to 0.0.0.0:6379 with no requirepass, leaking sessions and live commands.","path":"/site/redis-open/","cwes":["CWE-306","CWE-319"]},{"id":"mongo-open","name":"Open MongoDB","host":"mongo-open","vulnerability":"Public Document Store","description":"MongoDB bound publicly with --noauth, exposing tenant DBs and password hashes.","path":"/site/mongo-open/","cwes":["CWE-306","CWE-200"]},{"id":"ref0","name":"ref0 (Clean Reference)","host":"ref0","vulnerability":"None (true-negative control)","description":"Clean reference site with auth required, validated input, secure cookies, and full security headers. Any finding here is a false positive.","path":"/site/ref0/"},{"id":"agent-confused-deputy","name":"Agent Confused Deputy","host":"agent-confused-deputy","vulnerability":"Confused Deputy","description":"Agent uses caller's bearer token but operates on an as_user param without authorization checks.","path":"/site/agent-confused-deputy/","cwes":["CWE-441","CWE-285"]},{"id":"indirect-prompt-injection","name":"Indirect Prompt Injection","host":"indirect-prompt-injection","vulnerability":"LLM Tool Misdirection","description":"Agent fetches user-supplied URLs and follows hidden instructions embedded in the page content.","path":"/site/indirect-prompt-injection/","cwes":["CWE-77","CWE-94"]},{"id":"llm-html-rendering","name":"LLM Output as HTML","host":"llm-html-rendering","vulnerability":"Trust in Model Output","description":"Frontend renders model output via innerHTML, executing any HTML the model emits.","path":"/site/llm-html-rendering/","cwes":["CWE-79","CWE-94"]},{"id":"request-smuggling","name":"HTTP Request Smuggling","host":"request-smuggling","vulnerability":"CL.TE Desync","description":"Front and back proxies disagree on Content-Length vs Transfer-Encoding, smuggling hidden requests.","path":"/site/request-smuggling/","cwes":["CWE-444"]},{"id":"crlf-response-splitting","name":"CRLF Response Splitting","host":"crlf-response-splitting","vulnerability":"Header Injection","description":"User input is reflected into Location without stripping CRLF, allowing extra headers.","path":"/site/crlf-response-splitting/","cwes":["CWE-93","CWE-113"]},{"id":"cache-poisoning","name":"Cache Poisoning","host":"cache-poisoning","vulnerability":"Unkeyed Header Reflection","description":"Origin reflects X-Forwarded-Host into the body but the CDN omits it from the cache key.","path":"/site/cache-poisoning/","cwes":["CWE-345"]},{"id":"redos","name":"Regex DoS","host":"redos","vulnerability":"Catastrophic Backtracking","description":"Validator regex backtracks exponentially in input length, allowing CPU pegging.","path":"/site/redos/","cwes":["CWE-1333"]},{"id":"insecure-deser","name":"Insecure Deserialization","host":"insecure-deser","vulnerability":"Unsafe Pickle / Jackson","description":"Importer pipes user bytes into pickle.loads and accepts polymorphic Jackson types.","path":"/site/insecure-deser/","cwes":["CWE-502"]},{"id":"tls-downgrade","name":"TLS Downgrade","host":"tls-downgrade","vulnerability":"Weak Transport","description":"Sensitive paths over HTTP, TLS 1.0 with RC4, expired certificate, no HSTS.","path":"/site/tls-downgrade/","cwes":["CWE-319","CWE-326"]},{"id":"weak-randomness","name":"Weak Randomness","host":"weak-randomness","vulnerability":"Predictable Tokens","description":"Tokens derived from math/rand seeded by Unix seconds; sequential output is predictable.","path":"/site/weak-randomness/","cwes":["CWE-330","CWE-338"]},{"id":"cookie-scope-leak","name":"Cookie Scope Leak","host":"cookie-scope-leak","vulnerability":"Overbroad Domain","description":"Session cookie set with Domain=.example.com travels to every subdomain including third-party hosts.","path":"/site/cookie-scope-leak/","cwes":["CWE-539"]},{"id":"download-traversal","name":"Download Path Traversal","host":"download-traversal","vulnerability":"Read-Side Traversal","description":"Download endpoint joins user filename into base path without normalization.","path":"/site/download-traversal/","cwes":["CWE-22","CWE-200"]},{"id":"ldap-injection","name":"LDAP Injection","host":"ldap-injection","vulnerability":"Filter Injection","description":"Directory search builds LDAP filters by string concatenation, allowing wildcard matches.","path":"/site/ldap-injection/","cwes":["CWE-90"]},{"id":"xpath-injection","name":"XPath Injection","host":"xpath-injection","vulnerability":"XPath Tautology","description":"Legacy XML auth concatenates user input into the XPath query, enabling tautology bypass.","path":"/site/xpath-injection/","cwes":["CWE-643"]},{"id":"email-mime-injection","name":"Email MIME Injection","host":"email-mime-injection","vulnerability":"SMTP Header Injection","description":"Contact form passes subject into SMTP headers without stripping CRLF, allowing Bcc injection.","path":"/site/email-mime-injection/","cwes":["CWE-93","CWE-150"]},{"id":"dom-clobbering","name":"DOM Clobbering","host":"dom-clobbering","vulnerability":"Global Name Clobber","description":"Boot script reads window.config but a comment-stored form with name=\"config\" clobbers it.","path":"/site/dom-clobbering/","cwes":["CWE-1321"]},{"id":"dom-fragment-xss","name":"DOM Fragment XSS","host":"dom-fragment-xss","vulnerability":"innerHTML on location.hash","description":"Banner reads location.hash and writes it via innerHTML, executing fragment payloads.","path":"/site/dom-fragment-xss/","cwes":["CWE-79"]},{"id":"pdf-html-injection","name":"PDF HTML Injection","host":"pdf-html-injection","vulnerability":"Server-Side HTML in PDF","description":"Invoice PDF generator interpolates user input into HTML with file:// access enabled.","path":"/site/pdf-html-injection/","cwes":["CWE-79","CWE-918"]},{"id":"markdown-html-injection","name":"Markdown HTML Injection","host":"markdown-html-injection","vulnerability":"Unsanitized Markdown","description":"Markdown renderer keeps sanitize:false so embedded HTML and scripts reach the page.","path":"/site/markdown-html-injection/","cwes":["CWE-79"]},{"id":"oauth-token-leak-referer","name":"OAuth Token via Referer","host":"oauth-token-leak-referer","vulnerability":"Token Leak via Referer","description":"Callback page loads a third-party CDN script while access tokens sit in the URL fragment.","path":"/site/oauth-token-leak-referer/","cwes":["CWE-200","CWE-201"]},{"id":"pkce-downgrade","name":"PKCE Downgrade","host":"pkce-downgrade","vulnerability":"Optional PKCE Verifier","description":"Token endpoint accepts authorization codes without verifying code_verifier.","path":"/site/pkce-downgrade/","cwes":["CWE-345"]},{"id":"weak-password-policy","name":"Weak Password Policy","host":"weak-password-policy","vulnerability":"Weak Credentials","description":"Signup accepts 5-character passwords with no breach check and a global rate limit.","path":"/site/weak-password-policy/","cwes":["CWE-521","CWE-307"]},{"id":"audit-log-tamper","name":"Audit Log Tamper","host":"audit-log-tamper","vulnerability":"Trusted Client Audit Fields","description":"Audit writer accepts client-supplied timestamps and actor IDs and never escapes newlines.","path":"/site/audit-log-tamper/","cwes":["CWE-117","CWE-345"]},{"id":"gcp-metadata-ssrf","name":"GCP Metadata SSRF","host":"gcp-metadata-ssrf","vulnerability":"Cloud Metadata Exposure","description":"Proxy reaches GCP and Azure metadata services and returns service-account tokens.","path":"/site/gcp-metadata-ssrf/","cwes":["CWE-918"]},{"id":"kube-dashboard-open","name":"Open Kubernetes Dashboard","host":"kube-dashboard-open","vulnerability":"Anonymous Cluster Access","description":"Dashboard uses --enable-skip-login and apiserver permits anonymous list of namespaces and secrets.","path":"/site/kube-dashboard-open/","cwes":["CWE-306","CWE-200"]},{"id":"grpc-reflection","name":"gRPC Reflection Enabled","host":"grpc-reflection","vulnerability":"Schema Disclosure","description":"Production gRPC server registers the reflection service, exposing admin RPCs and field shapes.","path":"/site/grpc-reflection/","cwes":["CWE-200","CWE-306"]},{"id":"websocket-no-origin","name":"WebSocket No Origin Check","host":"websocket-no-origin","vulnerability":"Cross-Origin WS Hijack","description":"Upgrade handler accepts any Origin and cookies travel on the upgrade.","path":"/site/websocket-no-origin/","cwes":["CWE-346"]},{"id":"dns-rebinding","name":"DNS Rebinding","host":"dns-rebinding","vulnerability":"Host-Header Trust","description":"Local-only admin gates by Host: localhost; a 5s TTL DNS flip lets victim browsers bypass it.","path":"/site/dns-rebinding/","cwes":["CWE-350"]},{"id":"clipboard-paste-xss","name":"Clipboard Paste XSS","host":"clipboard-paste-xss","vulnerability":"innerHTML on Paste","description":"Rich paste handler reads text/html from clipboard and writes it via innerHTML.","path":"/site/clipboard-paste-xss/","cwes":["CWE-79"]},{"id":"prompt-leak-via-error","name":"Prompt Leak via Error","host":"prompt-leak-via-error","vulnerability":"Verbose Error Disclosure","description":"500 responses include the rendered prompt, retrieved chunks, and stack traces.","path":"/site/prompt-leak-via-error/","cwes":["CWE-209","CWE-200"]},{"id":"tool-output-injection","name":"Tool Output Injection","host":"tool-output-injection","vulnerability":"Unsanitized Tool Loop","description":"Agent feeds tool output back into prompt, so tool results containing instructions hijack the loop.","path":"/site/tool-output-injection/","cwes":["CWE-94","CWE-77"]},{"id":"function-calling-arg-poison","name":"Function-Calling Arg Poison","host":"function-calling-arg-poison","vulnerability":"Untyped Tool Args to SQL/Shell","description":"Function-calling schema accepts free-form strings the backend interpolates into SQL or exec.","path":"/site/function-calling-arg-poison/","cwes":["CWE-94","CWE-77"]},{"id":"session-fixation","name":"Session Fixation","host":"session-fixation","vulnerability":"Session Not Regenerated","description":"Login keeps the pre-auth session ID, so an attacker-planted cookie remains valid post-login.","path":"/site/session-fixation/","cwes":["CWE-384"]},{"id":"email-change-no-reauth","name":"Email Change No Reauth","host":"email-change-no-reauth","vulnerability":"ATO via Email Rotation","description":"Email change requires only a session, then password reset goes to the new email.","path":"/site/email-change-no-reauth/","cwes":["CWE-287","CWE-862"]},{"id":"host-header-injection","name":"Host Header Injection","host":"host-header-injection","vulnerability":"Reset Link Poisoning","description":"Reset mailer builds the link from the inbound Host header with no allow-list.","path":"/site/host-header-injection/","cwes":["CWE-644","CWE-201"]},{"id":"elasticsearch-open","name":"Open Elasticsearch","host":"elasticsearch-open","vulnerability":"Public Search Cluster","description":"Elasticsearch with security disabled exposes _cat/indices and _search across tenants.","path":"/site/elasticsearch-open/","cwes":["CWE-306","CWE-200"]},{"id":"firebase-rules-open","name":"Open Firebase Rules","host":"firebase-rules-open","vulnerability":"Permissive Realtime Rules","description":"Firebase realtime rules set to .read/.write true, allowing anonymous dump and overwrite.","path":"/site/firebase-rules-open/","cwes":["CWE-862","CWE-306"]},{"id":"weak-jwt-secret","name":"Weak JWT Secret","host":"weak-jwt-secret","vulnerability":"Dictionary HMAC Secret","description":"HS256 secret is the literal word 'secret', shared across staging and production.","path":"/site/weak-jwt-secret/","cwes":["CWE-321","CWE-798"]},{"id":"race-condition-balance","name":"Race-Condition Balance","host":"race-condition-balance","vulnerability":"TOCTOU Withdraw","description":"Read-decide-write withdraw without a transaction lets concurrent requests both succeed.","path":"/site/race-condition-balance/","cwes":["CWE-362","CWE-367"]},{"id":"ref-oauth","name":"ref-oauth (Clean Reference)","host":"ref-oauth","vulnerability":"None (true-negative control)","description":"Reference OAuth flow with exact-match redirect_uri, required state, and enforced PKCE.","path":"/site/ref-oauth/"},{"id":"ref-jwt","name":"ref-jwt (Clean Reference)","host":"ref-jwt","vulnerability":"None (true-negative control)","description":"Reference JWT verifier with RS256 only, kid allow-list, and rejection of alg=none/HS256.","path":"/site/ref-jwt/"},{"id":"ref-webhook","name":"ref-webhook (Clean Reference)","host":"ref-webhook","vulnerability":"None (true-negative control)","description":"Reference Stripe webhook with required signature, constant-time HMAC compare, per-env secret.","path":"/site/ref-webhook/"},{"id":"ref-rls","name":"ref-rls (Clean Reference)","host":"ref-rls","vulnerability":"None (true-negative control)","description":"Reference Supabase-style profiles endpoint with row-level security enforced server-side.","path":"/site/ref-rls/"},{"id":"npm-typosquat","name":"NPM Typosquat","host":"npm-typosquat","vulnerability":"Supply Chain Typosquat","description":"package.json depends on a typo of a popular package whose preinstall script exfiltrates env vars.","path":"/site/npm-typosquat/","cwes":["CWE-829","CWE-1357"]},{"id":"docker-config-leak","name":"Docker Config Leak","host":"docker-config-leak","vulnerability":"Registry Auth Exposure","description":"Web root serves ~/.docker/config.json, leaking registry credentials and helper-store metadata.","path":"/site/docker-config-leak/","cwes":["CWE-200","CWE-538"]},{"id":"terraform-state-leak","name":"Terraform State Leak","host":"terraform-state-leak","vulnerability":"Public IaC State","description":"S3 bucket holding terraform.tfstate is publicly readable, exposing inline secrets and resource layout.","path":"/site/terraform-state-leak/","cwes":["CWE-538","CWE-200"]},{"id":"mcp-tool-spec-injection","name":"MCP Tool Spec Injection","host":"mcp-tool-spec-injection","vulnerability":"Poisoned Tool Descriptions","description":"MCP client trusts tool descriptions from a third-party server, which embed hidden instructions the agent obeys.","path":"/site/mcp-tool-spec-injection/","cwes":["CWE-77","CWE-94"]},{"id":"noisy-errors","name":"Noisy Errors","host":"noisy-errors","vulnerability":"None (calibration target)","description":"Bootstrap returns 500/503/404/malformed JSON and the page emits console.error and a thrown JS exception. Robustness check, not a vulnerability.","path":"/site/noisy-errors/"},{"id":"captcha-challenge","name":"Captcha / Bot Challenge","host":"captcha-challenge","vulnerability":"None (calibration target)","description":"Cloudflare-style interstitial with __cf_bm and cf_clearance cookies, Turnstile-like widget, and content that only settles after JS runs.","path":"/site/captcha-challenge/"}]}