6 matches found
Casdoor 1.13.0 - Unauthenticated SQL Injection
Casdoor version 1.13.0 suffers from a remote unauthenticated SQL injection vulnerability via the query API in Casdoor before 1.13.1 related to the field and value parameters, as demonstrated by api/get-organizations. id: CVE-2022-24124 info: name: Casdoor 1.13.0 - Unauthenticated SQL Injection...
evennia (>=1.0.0 <=6.0.0), fastapi-casbin-auth (>=1.3.0 <=1.5.0) +6 more potentially affected by CVE-2026-32640 via simpleeval (>=1.0.0 <=1.0.4)
simpleeval PYPI version =1.0.0, =1.0.0, =1.3.0, =2.8.0, =3.2.0, =1.0.0, =0.53.6, =0.54.0a10 Source cves: CVE-2026-32640 Source advisory: SNYK:PYTHON-SIMPLEEVAL-15610288...
actix-casbin (>=0.1.0 <=0.3.3), actix-casbin-auth (>=0.1.0 <=0.3.2) +29 more potentially affected by CVE-2024-36760 via rhai (>=0.11.1 <=1.16.3)
rhai CARGO version =0.11.1, =0.1.0, =0.1.0, =0.1.0, =0.3.0, =0.1.0, =0.1.0, =0.5.1, =0.1.0, =0.0.1-beta1, =3.1.0, =0.1.0, =0.1.1 - infinite-db-frp =0.1.0 and more Source cves: CVE-2024-36760 Source advisory: OSV:GHSA-67FV-9R7G-432H...
com.clever-cloud:biscuit-pulsar (=3.2.1), com.github.shoothzj:test-pulsar (>=3.1.12 <=3.1.15) +12 more potentially affected by CVE-2023-37544 via org.apache.pulsar:pulsar-websocket (>=1.19.0-incubating <=2.10.4)
org.apache.pulsar:pulsar-websocket MAVEN version =1.19.0-incubating, =3.1.12, =0.0.1, =2.0.0-rc1-incubating, =1.19.0-incubating, =1.19.0-incubating, =2.10.0, =2.10.0, =2.0.0-rc1-incubating, =2.10.0, =2.10.0, =1.19.0-incubating, =1.0.0, =1.1.0 Source cves: CVE-2023-37544 Source advisory:...
Exploit for SQL Injection in Casbin Casdoor
POC for CVE-2022-24124 Exploit Code for CVE-2022-24124ht...
Exploit for SQL Injection in Casbin Casdoor
POC for CVE-2022-24124 Exploit Code for CVE-2022-24124ht...