Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1325 CNY

100%
Buy Us a Coffee

CVE-2021-39165 PoC — Unauthenticated SQL Injection

Source
https://github.com/manbolq/CVE-2021-39165
Associated Vulnerability
Title:Unauthenticated SQL Injection (CVE-2021-39165)
Description:Cachet is an open source status page. With Cachet prior to and including 2.3.18, there is a SQL injection which is in the `SearchableTrait#scopeSearch()`. Attackers without authentication can utilize this vulnerability to exfiltrate sensitive data from the database such as administrator's password and session. The original repository of Cachet <https://github.com/CachetHQ/Cachet> is not active, the stable version 2.3.18 and it's developing 2.4 branch is affected.
Description
Python3 POC for CVE-2021-39165 in CachetHQ
Readme
# CVE-2021-39165
Python3 POC for CVE-2021-39165 in CachetHQ


# Usage
First of all, you should install the dependencies:

```bash
pip3 install -r requirements.txt
```

If you want to check whether the victim URL is vulnerable or not, you can execute:

```bash
python3 exploit.py -u <URL> -c
```

If you want to know the output of a MySQL query, you can execute:

```bash
python3 exploit.py -u <URL> -q <QUERY>
```

**Note**: You should write a query whose output is a one-liner for the script to work properly :)

You can also check the help panel by typing:

```bash
python3 exploit.py -h
```
File Snapshot

Log in to view the POC file snapshot cached by Shenlong Bot

Log in to view
Remarks
    1. It is advised to access via the original source first.
    2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.
    3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online — thank you for the support. View subscription plans →