CVE-2022-24124

HIGH NUCLEI

Casdoor < 1.13.1 - SQL Injection via Query API Parameters

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 7 public exploits for CVE-2022-24124. PoCs published by Mayank Deshmukh, ColdFusionX, b1gdog. A Nuclei detection template is also available.

AI-analyzed exploit summary This Go script exploits an unauthenticated SQL injection vulnerability in Casdoor versions prior to 1.13.1 by injecting a payload into the 'field' parameter of the '/api/get-organizations' endpoint to dump the database version.

Description

The query API in Casdoor before 1.13.1 has a SQL injection vulnerability related to the field and value parameters, as demonstrated by api/get-organizations.

Exploits (7)

exploitdb WORKING POC
by Mayank Deshmukh · gowebappsmultiple
https://www.exploit-db.com/exploits/50792

This Go script exploits an unauthenticated SQL injection vulnerability in Casdoor versions prior to 1.13.1 by injecting a payload into the 'field' parameter of the '/api/get-organizations' endpoint to dump the database version.

Classification
Working Poc 95%
Attack Type
Sqli
Complexity
Trivial
Reliability
Reliable
Target: Casdoor < 1.13.1
No auth needed
Prerequisites: Network access to the target Casdoor instance
devstral-2 · analyzed Feb 16, 2026 Full analysis →
nomisec WORKING POC 8 stars
by ColdFusionX · poc
https://github.com/ColdFusionX/CVE-2022-24124

This is a functional proof-of-concept exploit for CVE-2022-24124, an unauthenticated SQL injection vulnerability in Casdoor versions prior to 1.13.1. The exploit leverages the `updatexml` function to extract the database version via an error-based SQL injection technique.

Classification
Working Poc 95%
Attack Type
Sqli
Complexity
Trivial
Reliability
Reliable
Target: Casdoor < 1.13.1
No auth needed
Prerequisites: Network access to the target Casdoor instance
devstral-2 · analyzed Feb 16, 2026 Full analysis →
nomisec WORKING POC 2 stars
by b1gdog · poc
https://github.com/b1gdog/CVE-2022-24124

This repository contains a Python-based proof-of-concept (PoC) scanner for CVE-2022-24124, a SQL injection vulnerability in Casdoor versions prior to 1.13.1. The script tests for the vulnerability by sending a crafted request to the `/api/get-organizations` endpoint and checking for the presence of 'XPATH' in the response.

Classification
Working Poc | Scanner 95%
Attack Type
Sqli
Complexity
Trivial
Reliability
Reliable
Target: Casdoor < 1.13.1
No auth needed
Prerequisites: Network access to the target Casdoor instance
devstral-2 · analyzed Feb 16, 2026 Full analysis →
nomisec WORKING POC 1 stars
by abbarhissarh · poc
https://github.com/abbarhissarh/CVE-2022-24124

This repository contains a functional Go-based exploit for CVE-2022-24124, a SQL injection vulnerability in Casdoor versions prior to 1.13.1. The exploit sends a crafted HTTP request to the `/api/get-organizations` endpoint, triggering an XPath error that leaks the database version.

Classification
Working Poc 100%
Attack Type
Sqli
Complexity
Trivial
Reliability
Reliable
Target: Casdoor < 1.13.1
No auth needed
Prerequisites: Network access to the target Casdoor instance
devstral-2 · analyzed Apr 10, 2026 Full analysis →
nomisec WORKING POC 1 stars
by ar2o3 · poc
https://github.com/ar2o3/CVE-2022-24124

This is a functional proof-of-concept exploit for CVE-2022-24124, an unauthenticated SQL injection vulnerability in Casdoor versions prior to 1.13.1. The exploit leverages the `updatexml` function to extract the database version via an error-based SQL injection technique.

Classification
Working Poc 95%
Attack Type
Sqli
Complexity
Trivial
Reliability
Reliable
Target: Casdoor < 1.13.1
No auth needed
Prerequisites: Network access to the target Casdoor instance
devstral-2 · analyzed Feb 16, 2026 Full analysis →
inthewild SCANNER
poc
https://github.com/cukw/cve-2022-24124_poc

The repository contains a Python script that scans for CVE-2022-24124, a SQL injection vulnerability in Casdoor's API. It checks for the presence of the 'XPATH' string in the response to determine if the target is vulnerable.

Classification
Scanner 95%
Attack Type
Sqli
Complexity
Trivial
Reliability
Reliable
Target: Casdoor < 1.13.1
No auth needed
Prerequisites: network access to the target Casdoor instance
devstral-2 · analyzed Feb 23, 2026 Full analysis →
inthewild WORKING POC
poc
https://github.com/b1gdog/cve-2022-24124_poc

The repository contains a functional Python script that exploits CVE-2022-24124, a SQL injection vulnerability in Casdoor's API. The script sends a crafted request to the `/api/get-organizations` endpoint with an `updatexml` payload to trigger the vulnerability and checks for the presence of 'XPATH' in the response to confirm exploitation.

Classification
Working Poc 95%
Attack Type
Sqli
Complexity
Trivial
Reliability
Reliable
Target: Casdoor < 1.13.1
No auth needed
Prerequisites: network access to the target Casdoor instance
devstral-2 · analyzed Feb 23, 2026 Full analysis →

Nuclei Templates (1)

Casdoor 1.13.0 - Unauthenticated SQL Injection
HIGHby cckuailong
Shodan: http.title:"Casdoor" || http.title:"casdoor"
FOFA: title="casdoor"

References (4)

Core 4
Core References
Exploit, Issue Tracking, Patch, Third Party Advisory x_refsource_misc
https://github.com/casdoor/casdoor/issues/439
Exploit, Patch, Third Party Advisory x_refsource_misc
https://github.com/casdoor/casdoor/pull/442
Release Notes, Third Party Advisory x_refsource_misc
https://github.com/casdoor/casdoor/compare/v1.13.0...v1.13.1
Exploit, Third Party Advisory, VDB Entry x_refsource_misc
http://packetstormsecurity.com/files/166163/Casdoor-1.13.0-SQL-Injection.html

Scores

CVSS v3 7.5
EPSS 0.5999
EPSS Percentile 98.3%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Details

CWE
CWE-89
Status published
Products (2)
casbin/casdoor < 1.13.1
casdoor/casdoor 0 - 1.13.1Go
Published Jan 29, 2022
Tracked Since Feb 18, 2026