Lucene search
K

7 matches found

GithubExploit
GithubExploit
added 2022/06/04 9:1 p.m.336 views

Exploit for SQL Injection in Casbin Casdoor

POC for CVE-2022-24124 Exploit Code for CVE-2022-24124ht...

7.5CVSS7.9AI score0.58927EPSS
Exploits9
Qualys Blog
Qualys Blog
added 2022/03/09 10:31 a.m.95 views

Casdoor SQL Injection (CVE-2022-24124)

On Jan 22, 2022, a high severity SQL Injection vulnerability was reported in Casdoor which affected versions before 1.13.1 release. The vulnerability is tracked as CVE-2022-24124 with CVSS V3 7.5 score has a publicly available simple proof of concept which makes it easier for skilled attackers to...

5CVSS7.7AI score0.58927EPSS
Exploits9
0day.today
0day.today
added 2022/02/28 12:0 a.m.712 views

Casdoor 1.13.0 - SQL Injection (Unauthenticated) Vulnerability

// Exploit Title: Casdoor 1.13.0 - SQL Injection Unauthenticated // Exploit Author: Mayank Deshmukh // Vendor Homepage: https://casdoor.org/ // Software Link: https://github.com/casdoor/casdoor/releases/tag/v1.13.0 // Version: version 1.13.1 // Security Advisory:...

7.5CVSS0.8AI score0.58927EPSS
Exploits9
GithubExploit
GithubExploit
added 2022/02/25 7:55 a.m.460 views

Exploit for SQL Injection in Casbin Casdoor

POC for CVE-2022-24124 Exploit Code for CVE-2022-24124ht...

7.5CVSS7.9AI score0.58927EPSS
Exploits9
ATTACKERKB
ATTACKERKB
added 2022/01/29 11:15 p.m.5 views

CVE-2022-24124

The query API in Casdoor before 1.13.1 has a SQL injection vulnerability related to the field and value parameters, as demonstrated by api/get-organizations...

7.5CVSS5.7AI score0.58927EPSS
Exploits9References6
Cvelist
Cvelist
added 2022/01/29 10:53 p.m.21 views

CVE-2022-24124

The query API in Casdoor before 1.13.1 has a SQL injection vulnerability related to the field and value parameters, as demonstrated by api/get-organizations...

7.9AI score0.58927EPSS
Exploits9References4
CVE
CVE
added 2022/01/29 10:53 p.m.126 views

CVE-2022-24124

Casdoor prior to 1.13.1 is affected by an unauthenticated SQL injection in the query API (api/get-organizations) via the field and value parameters. The Nuclei template and related proofs indicate an unauthenticated remote injection that can dump database information and potentially lead to data ...

7.5CVSS7.5AI score0.58927EPSS
Exploits9References4Affected Software1
Rows per page
Query Builder