4 matches found
Exploit for SQL Injection in Apache Skywalking
CVE-2020-9483 PoC of SQL Injection vulCVE-2020-9483,Apache...
CVE-2020-9483
creationtimestamp| type| source ---|---|--- 2021-03-22 13:37:04+00:00| published-proof-of-concept| https://t.me/bhhub/208 2022-09-15 03:15:14+00:00| published-proof-of-concept| https://t.me/CyberSecurityTechnologies/3879...
CVE-2020-9483
Resolved When use H2/MySQL/TiDB as Apache SkyWalking storage, the metadata query through GraphQL protocol, there is a SQL injection vulnerability, which allows to access unpexcted data. Apache SkyWalking 6.0.0 to 6.6.0, 7.0.0 H2/MySQL/TiDB storage implementations don't use the appropriate way to...
CVE-2020-9483
CVE-2020-9483 : A SQL injection in Apache SkyWalking storage when using H2/MySQL/TiDB backends, via a metadata GraphQL query. The root cause is improper SQL parameter handling in the storage implementations (versions 6.0.0–6.6.0 and 7.0.0). This could allow an attacker to access unexpected data b...