CVE-2023-25813 PoC — Sequelize SQL注入漏洞

Source

https://github.com/numbbvi/CVE-2023-25813

Associated Vulnerability

Title:Sequelize SQL注入漏洞 (CVE-2023-25813)
Description:Sequelize是一款用于Node.js的数据库ORM（对象关系映射）工具。 Sequelize 6.19.1之前版本存在安全漏洞，该漏洞源于未正确转义参数，存在SQL注入漏洞。

Description

CVE-2023-25813 Vulnerability Reproduction - SQL Injection in Sequelize

Readme

# CVE-2023-25813
CVE-2023-25813 Vulnerability Reproduction - SQL Injection in Sequelize

File Snapshot


 [4.0K]  /data/pocs/808492ee72367cd801b1ed99dc0d2072b63120af
├── [ 929]  app.js
├── [4.0K]  config
│   └── [ 361]  database.js
├── [ 672]  docker-compose.yml
├── [ 280]  Dockerfile
├── [4.0K]  models
│   └── [ 468]  user.js
├── [ 593]  package.json
├── [4.0K]  public
│   ├── [4.0K]  css
│   │   └── [ 653]  main.css
│   └── [4.0K]  js
│       └── [   0]  main.js
├── [  88]  README.md
├── [4.0K]  routes
│   └── [3.2K]  auth.js
├── [4.0K]  views
│   ├── [ 682]  base.ejs
│   ├── [ 643]  change_pw.ejs
│   ├── [ 249]  index.ejs
│   ├── [ 630]  login.ejs
│   └── [ 683]  register.ejs
└── [5.1K]  wait-for-it.sh

7 directories, 16 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!