demo___customer_pitch-c4152739-a50b-4b5b-9d4d-0561461666d9.zip-extract/README.md

Path
demo___customer_pitch-c4152739-a50b-4b5b-9d4d-0561461666d9.zip-extract/README.md
Status
scanned
Type
file
Name
README.md
Extension
.md
Programming language

      
    
Mime type
text/plain
File type
exported SGML document, UTF-8 Unicode text
Tag

      
    
Rootfs path

      
    
Size
1074 (1.0 KB)
MD5
9edae601d8f04276734546522cd4093b
SHA1
b1318a53dfc7dd02dddf9f456a36d2101aa738ef
SHA256
eae44cce0b7b8870f31256041ec881247c0722310891b552963e31da20b1fd64
SHA512

      
    
SHA1_git
1d505db502a946d5bdc25fc4e5577555e66cdcdb
Is binary

      
    
Is text
True
Is archive

      
    
Is media

      
    
Is legal

      
    
Is manifest

      
    
Is readme

      
    
Is top level

      
    
Is key file

      
    
README.md | 1.0 KB |

<!-- SPDX-License-Identifier: CC-BY-4.0 Copyright (c) 2024-2026 Acme Corp. --> # Acme Demo App Synthetic application used for CuratorPro customer demos. Not for production. ## Stack - Frontend: React 18 + TypeScript - Backend: Node.js / Express - Vendored: log4j (Java), jQuery, lodash, OpenSSL, MySQL Connector ## Known issues (intentional — demo fixtures) These are *deliberately* present to give the audit walkthrough something to find. Do not "fix" them in this fixture. - `src/components/Comment.tsx:23` — `dangerouslySetInnerHTML` on unsanitised input - `src/utils/auth.js:12` — hardcoded fallback admin password - `server/routes/api.js:45` — SQL concatenation - `server/config/database.js:5` — credentials in source - `lib/crypto.js:8` — `Math.random` for security tokens - `lib/legacy.js:18` — MD5 for password hashing ## Known vulnerable dependencies - `org.apache.logging.log4j:log4j-core:2.14.1` — Log4Shell (CVE-2021-44228) - `lodash:4.17.20` — CVE-2021-23337 - `jquery:3.3.1` — CVE-2019-11358 - and more — full list in CuratorPro
Detected license expression
cc-by-4.0
Detected license expression (SPDX)
CC-BY-4.0
Percentage of license text
4.64
Copyrights
- end_line: 3
  copyright: Copyright (c) 2024-2026 Acme Corp.
  start_line: 3
Holders
- holder: Acme Corp.
  end_line: 3
  start_line: 3
Authors

      
    
License detections License expression License expression SPDX
cc_by_4_0-2c16b630-27cf-bcd4-7677-35820edb9a43 cc-by-4.0 CC-BY-4.0
Package URL License Primary language
pkg:npm/acme-demo-app@1.0.0 JavaScript