Lucene search
+L

14 matches found

Nuclei
Nuclei
added 2026/06/25 5:45 a.m.244 views

Rocket.Chat <=3.13 - NoSQL Injection

Rocket.Chat 3.11, 3.12 and 3.13 contains a NoSQL injection vulnerability which allows unauthenticated access to an API endpoint. An attacker can possibly obtain sensitive information from a database, modify data, and/or execute unauthorized administrative operations in the context of the affected...

9.8CVSS7.3AI score0.95242EPSS
Exploits16References6
RedhatCVE
RedhatCVE
added 2026/01/09 11:18 a.m.6 views

CVE-2021-22911

A improper input sanitization vulnerability exists in Rocket.Chat server 3.11, 3.12 & 3.13 that could lead to unauthenticated NoSQL injection, resulting potentially in RCE...

9.8CVSS6.8AI score0.95242EPSS
Exploits16References1
GithubExploit
GithubExploit
added 2023/06/19 11:56 p.m.342 views

Exploit for Special Element Injection in Rocket.Chat

CVE-2021-22911 If you have already registered...

9.8CVSS9.5AI score0.95242EPSS
Exploits16
GithubExploit
GithubExploit
added 2021/09/19 11:43 a.m.156 views

Exploit for Special Element Injection in Rocket.Chat

CVE-2021-22911 Modifed ver of the original exploit to save som...

9.8CVSS9.6AI score0.95242EPSS
Exploits16
Check Point Advisories
Check Point Advisories
added 2021/08/02 12:0 a.m.11 views

Rocket.Chat NoSQL injection (CVE-2021-22911)

A NoSQL injection vulnerability exists in Rocket.Chat. Successful exploitation of this vulnerability could allow attackers to inject commands and execute arbitrary code on the affected system...

7.5CVSS7AI score0.95242EPSS
Exploits16
GithubExploit
GithubExploit
added 2021/07/30 9:44 p.m.200 views

Exploit for Special Element Injection in Rocket.Chat

Rocket.Chat Automated Unauthenticated Account Takeover to RCE...

9.8CVSS9.4AI score0.95242EPSS
Exploits16
seebug.org
seebug.org
added 2021/07/23 12:0 a.m.556 views

Rocket.Chat 3.12.1远程代码执行(CVE-2021-22911)

Title: Rocket.Chat 3.12.1 - NoSQL Injection to RCE Unauthenticated 2 Author: enox Date: 06-06-2021 Product: Rocket.Chat Vendor: https://rocket.chat/ Vulnerable Versions: Rocket.Chat 3.12.1 2 CVE: CVE-2021-22911 Credits: https://blog.sonarsource.com/nosql-injections-in-rocket-chat Info : This is a...

7.5CVSS0.3AI score0.95242EPSS
Exploits16
Packet Storm
Packet Storm
added 2021/07/07 12:0 a.m.454 views

Rocket.Chat 3.12.1 NoSQL Injection / Code Execution

Title: Rocket.Chat 3.12.1 - NoSQL Injection to RCE Unauthenticated 2 Author: enox Date: 06-06-2021 Product: Rocket.Chat Vendor: https://rocket.chat/ Vulnerable Versions: Rocket.Chat 3.12.1 2 CVE: CVE-2021-22911 Credits: https://blog.sonarsource.com/nosql-injections-in-rocket-chat Info : This is a...

7.5CVSS0.95242EPSS
Exploits16
Packet Storm
Packet Storm
added 2021/06/07 12:0 a.m.384 views

Rocket.Chat 3.12.1 NoSQL Injection / Code Execution

Title: Rocket.Chat 3.12.1 - NoSQL Injection to RCE Unauthenticated Author: enox Date: 06-06-2021 Product: Rocket.Chat Vendor: https://rocket.chat/ Vulnerable Versions: Rocket.Chat 3.12.1 CVE: CVE-2021-22911 Credits: https://blog.sonarsource.com/nosql-injections-in-rocket-chat !/usr/bin/python...

0.95242EPSS
Exploits16
0day.today
0day.today
added 2021/06/07 12:0 a.m.125 views

Rocket.Chat 3.12.1 - NoSQL Injection to Remote Code Execution (Unauthenticated) Exploit

Title: Rocket.Chat 3.12.1 - NoSQL Injection to RCE Unauthenticated Author: enox Product: Rocket.Chat Vendor: https://rocket.chat/ Vulnerable Versions: Rocket.Chat 3.12.1 CVE: CVE-2021-22911 Credits: https://blog.sonarsource.com/nosql-injections-in-rocket-chat !/usr/bin/python import requests impo...

9.8CVSS0.5AI score0.95242EPSS
Exploits16
Circl
Circl
added 2021/06/07 12:0 a.m.86 views

CVE-2021-22911

creationtimestamp| type| source ---|---|--- 2021-06-07 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/49960 2021-06-07 15:45:27+00:00| published-proof-of-concept| Telegram/tCqBhGf-ONTgPl1jNxk7jSK9BW7FRzVpc1tCk80-PQdj1g 2021-07-07 00:00:00+00:00| exploited|...

9.8CVSS7.3AI score0.95242EPSS
In wildExploits16References10
GithubExploit
GithubExploit
added 2021/06/05 3:5 p.m.198 views

Exploit for Special Element Injection in Rocket.Chat

CVE-2021-22911 Pre-Auth Blind NoSQL Injection leading to Remot...

9.8CVSS10AI score0.95242EPSS
Exploits16
OSV
OSV
added 2021/05/27 12:15 p.m.22 views

CVE-2021-22911

A improper input sanitization vulnerability exists in Rocket.Chat server 3.11, 3.12 & 3.13 that could lead to unauthenticated NoSQL injection, resulting potentially in RCE...

9.8CVSS6.6AI score
Exploits0References4
CVE
CVE
added 2021/05/27 11:14 a.m.372 views

CVE-2021-22911

CVE-2021-22911 affects Rocket.Chat 3.11–3.13 and is a NoSQL injection that enables unauthenticated access to an API endpoint, potentially leading to data exposure, modification, or remote code execution. Root cause: NoSQL injection in endpoints such as getPasswordPolicy and users.list, enabling r...

9.8CVSS9.2AI score0.95242EPSS
In wildExploits16References4Affected Software1
Rows per page
Query Builder