CVE-2021-39165 PoC — Github Cachet SQL注入漏洞

Source

https://github.com/W0rty/CVE-2021-39165

Associated Vulnerability

Title:Github Cachet SQL注入漏洞 (CVE-2021-39165)
Description:Github Cachet是一个应用软件。一个开源状态页面系统。 Cachet 2.3.18之前版本存在SQL注入漏洞，未经身份验证的攻击者可以利用此漏洞从数据库中窃取敏感数据，例如管理员密码和会话。

Description

Github repository which contains a functional exploit for CVE-2021-39165

Readme

# CVE-2021-39165

This Python script allows to exploit CVE-2021-39165 in Cachet prior to and including 2.3.18 automatically.

## References :
 - https://github.com/fiveai/Cachet/security/advisories/GHSA-79mg-4w23-4fqc
 - https://nvd.nist.gov/vuln/detail/CVE-2021-39165

File Snapshot


 [4.0K]  /data/pocs/c9a39d10d7590bf026af7f2ec0651251a837aa76
├── [4.0K]  exploit.py
├── [ 269]  README.md
└── [  20]  requirements.txt

0 directories, 3 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!