Submit #790287: liangliangyy DjangoBlog <= 2.1.0.0 Hardcoded Credentialsinfo

Titleliangliangyy DjangoBlog <= 2.1.0.0 Hardcoded Credentials
DescriptionDjangoBlog through x.x.x.x contains a hardcoded Amap (Gaode Maps) API key in owntracks/views.py. The key is publicly exposed in the open-source repository and can be abused for unauthorized API calls, potentially incurring costs and enabling location data queries.
Source⚠️ https://github.com/3em0/cve_repo/blob/main/DjangoBlog/Vuln-5-Hardcoded-Amap-API-Key.md
User
 Dem0 (UID 82596)
Submission03/26/2026 17:09 (26 days ago)
Moderation04/19/2026 07:11 (24 days later)
StatusAccepted
VulDB entry358215 [liangliangyy DjangoBlog up to 2.1.0.0 Amap API Call owntracks/views.py key hard-coded key]
Points17

PreviousOverviewNext

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!